md5 collisions and the way php interprets types (php hash collisions)

As I was recently working on the Homeless vulnhub CTF by Min Ko Ko, one of steps required to proceed further contained the following code: So that’s quite a tricky challenge requiring all the md5 input fields to collide. While trying to solve this and researching about collisions further I gathered the following resources: @joshwr1ght It may also be a good idea to look at the birthday problem and the birthday attack. Additional threads: I’ve still not found a solution to it as md5 preimage attacks do not seem to be currently achievable, however I consider the above resources were a good way to start. Update: the solution on how to generate md5 collisions and send binary data over HTTP is described in the Homeless CTF walkthrough

Leave a Reply

Your email address will not be published. Required fields are marked *