Assignment Yones Azzab Liberty University
Lab: MD5 Collision Attack Assignment
Yones Azzab
CSIS463_B01
, MD5 Collision Attack Assignment | 2
Lab: MD5 Collision Attack Assignment
Introduction
The pre-built Ubuntu image and instructions from SEED Labs are used in this
experiment. The assignment in question is called "MD5 Collision Attack Lab." "...the MD5, like
any hash function, has a concept such as collisions - it is about getting the same hashes for
different characters' source strings." (Touil Hamza et al., 2021). I have a better knowledge of
MD5 hash functions and the problems collisions can cause with them after doing this lab. The
md5collgen program, which generates MD5 collisions, and MD5 hash functions were introduced
in the lab. After doing all four jobs, I became aware of how simple it was to write applications
with distinct functionalities but the same MD5 hash. The speed at which I was able to take use of
this still-in-use algorithm shocked me. "MD5 has been widely used for many years due to several
notable advantages, particularly in scenarios where speed and simplicity are key considerations"
(Spasojevic, 2024, p. 1). In addition to the fact that I was able to quickly exploit the MD5
method, a lot of specialists advise against using it due to its numerous weaknesses.
"Nevertheless, it is still common practice to secure web login passwords by hashing them using
MD5, despite its low level of security" (Agung Dwi Nugroho & Mantoro, 2023).
Oracle VirtualBox and the SEED Labs Ubuntu 20.04 image were needed for this
experiment. I had already used VirtualBox for several other projects, so setting up the virtual
computer was not too difficult. To assist with this, I used a SEED VM manual that I discovered
(Seed-Labs/Seed-Labs, n.d.). It was excellent, in my opinion, to already have bless, md5sum,
and md5collgen installed. I had trouble with some parts of the lab and had to retake others,
especially in tasks 3 and 4. I had a pleasant experience in the lab overall.
, MD5 Collision Attack Assignment | 3
Method
As previously stated, there were four tasks in this lab to be completed. I will outline my
process in detail step-by-step.
Task 1:
I started by using the echo command to create a prefix.txt file:
Echo “Yones codes rock” >> prefix.txt
I then used the md5collgen tool to make several files with the same hash from the prefix.txt file:
Md5collgen -p prefix.txt -o output1.bin output2.bin
I used the diff command to see if the two out files differed after creating them:
diff out1.bin and out2.bin
I used the xxd command to visualize the code in hexadecimal, and then I used the md5sum
program to see each one's resulting MD5 hash. I then wrote a code to size the prefix.txt file to be
exactly 64-bytes using the following command:
Echo “$(python3 -c ‘print(“A”*63’) >> prefix_64.txt
I confirmed this was correct with the ls command. It took a couple of tries to get this right. I
then repeated the md5collgen process to produce output files so that I could compare the 64-byte
prefix.txt file with other files. I used bless to explore the output files to answer the questions
asked in the lab.
Task 2: