Two executable files, one md5sum

• Working in the md5collision directory
  1. Create a c++ program, myapp.cpp.
     • Start with the basic shell

       #include <iostream>
       #include <iomanip>
       
       using namespace std;
       
       int main() {
           return 0;
       }

  2. We want to add some space where we can put in the different blocks of data with the same hash value.
     • This will be what gets replaced later.
     • It needs to be big enough so that it can
       • hold 128 characters
       • be on a 64 byte boundary
     • Add a global variable unsigned char A[201]
       • Initialize this to be all 'a'

         
         using namespace std;
         
         unsigned char A[201] {"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" };

       • This is 201 since we initialized it with a string and the last element of a string is a null character.
       • This needs to be global
       • And it needs to be initialized.
  3. Build this make myapp
     • I will make a Makefile with a single line: all: myapp
  4. Add a loop to print the array

     • for(int i = 0; i < 200; ++i) {
          cout << dec << setw(3) << i
               << hex << setw(4) 
               << static_cast<short>(A[i]) << endl;
       }

     • Compile and convince yourself it works.
  5. Check the executable with bless
     • We want to find where the array A is
     • bless myapp
     • Search for aaaa, but search as text, not hex
     • In my code, the block started at 12324
       • You will need to click on the address to change it to decimal at the bottom of the screen.
  6. Please note, the numbers in the next part may change,
  7. Split the program into two parts, a prefix and a suffix
     • The split point needs to be on a 64 byte boundary
       • 12324 % 64 = 36
       • So the boundary will be 28 bytes away or at 12324 + 28 = 12352
       • head -c 12352 myapp > prefix
     • This will be padded with 128 bytes,
       • so we want the rest of the file to be 12352 + 128 = 12480
       • tail -c +12481 myapp > suffix
     • Build the two different prefixes with the same md5 sum
       • ./md5collgen/md5collgen -p prefix -o partA partB
       • Build the two different executable files
       • cat partA suffix > myappA
       • cat partB suffix > myappB
     • Make them executable
       • chmod u+x myappA myappB
     • Check the md5sum
       • md5sum myappA myappB
     • Run them and see that they produce different output
  8. We will be doing this a bit, so put this in a bash script
     • Edit buildit and add the following code:

     • #!/bin/bash
       make
       head -c 12352 myapp > prefix
       tail -c +12481 myapp > suffix
       ./md5collgen/md5collgen -p prefix -o partA partB
       cat partA suffix > myappA
       cat partB suffix > myappB
       chmod u+x myappA myappB
       md5sum myappA myappB

     • make it executable
       • chmod u+x buildit
     • run it
       • ./buildit
     • If everything is right, you should have two executable programs (myappA and myappB) which have the same md5 code but are different.
  9. Here is the code for this part.