哈希长度扩展攻击(Hash Length Extension Attack)利用工具hexpand安装使用方法-白红宇

哈希长度扩展攻击(Hash Length Extension Attack)利用工具hexpand安装使用方法

阅读量：4679 次

发布时间：2019-06-09

本文共 5003 字，大约阅读时间需要 16 分钟。

去年我写了一篇，本来已经足够了，但HashPump还不是很完善的哈希长度扩展攻击，HashPump在使用的时候必须提供original_data，近来的哈希长度扩展攻击的题目已经不提供original_data，从原理上来说也不一定需要这个original_data，所以今年pcat又来写一篇hexpand的安装使用方法，鉴于时间关系，本人只在kali、Ubuntu14.04下测试。

--------------------------------------------------------------------

1. 安装pkg-config

目前最新版pkg-config-0.29.2.tar.gz

v=0.29.2wget https://pkg-config.freedesktop.org/releases/pkg-config-${v}.tar.gztar -xzvf pkg-config-${v}.tar.gzcd pkg-config-${v}/./configure --with-internal-glib && make && make install

2. 安装OpenSSL开发包

apt-get updateapt-get install -y libssl-dev

3. hexpand的安装

git clone https://github.com/amlweems/hexpandcd hexpandmake

4. 报错Package openssl was not found in the pkg-config search path.

搜索本机pkgconfig文件夹的openssl.pc、libssl.pc、libcrypto.pc，并将这3个文件复制到/usr/lib/pkgconfig/（如果不存在就新建个）下，然后

export PKG_CONFIG_PATH=/usr/lib/pkgconfig:$PKG_CONFIG_PATH

再进去hexpand所在目录下进行hexpand的编译

5. 报错make: clang: Command not found

apt-get install clang

6. hexpand的使用方法

在hexpand所在目录（当然你也可以把文件复制到/usr/bin/里）

./hexpand -t md5 -s 21232f297a57a5a743894a0e4a801fc3 -l 5 -m "pcat"

其中-l的5是哈希原文的长度，运行后就会得到附加数据，以及新得到的哈希值。

7. Kali 2018.1等安装错误

-= 2018.08补充 =-

按以上的方法如果在Kali 2018.1或者别的版本上运行报错如下：

hexpand.c:22:27: error: incomplete definition of type 'struct evp_md_ctx_st'        int length_modulo = mdctx->digest->block_size;                            ~~~~~^/usr/include/openssl/ossl_typ.h:92:16: note: forward declaration of 'struct evp_md_ctx_st'typedef struct evp_md_ctx_st EVP_MD_CTX;               ^hexpand.c:32:63: error: incomplete definition of type 'struct evp_md_ctx_st'        unsigned char* h_data = (unsigned char *)((SHA512_CTX *)mdctx->md_data)->h;……

这个跟系统有关系，Kali每一次变化都很大。这个得更新到最新的OpenSSL

git clone https://github.com/PeterMosmans/opensslcd openssl./config && make && make test && make install

在最后的make install会看到

cp libcrypto.pc /usr/local/ssl/lib/pkgconfigchmod 644 /usr/local/ssl/lib/pkgconfig/libcrypto.pccp libssl.pc /usr/local/ssl/lib/pkgconfigchmod 644 /usr/local/ssl/lib/pkgconfig/libssl.pccp openssl.pc /usr/local/ssl/lib/pkgconfigchmod 644 /usr/local/ssl/lib/pkgconfig/openssl.pc

把这3个新的pc文件替换到/usr/lib/pkgconfig/下

cd /usr/local/ssl/lib/pkgconfig/ && cp openssl.pc libssl.pc libcrypto.pc /usr/lib/pkgconfig/

再进去hexpand文件夹下编译会报错：

hexpand.c:47:70: error: format specifies type 'unsigned int' but the argument has type '__uint64_t' (aka 'unsigned long') [-Werror,-Wformat]        if (length_modulo == 128) sprintf(output+2*padding, "%032" PRIx32 , htole64(8*length));                                                             ~~~~~~         ^~~~~~~~~~~~~~~~~/usr/include/endian.h:75:22: note: expanded from macro 'htole64'#  define htole64(x) __uint64_identity (x)                     ^~~~~~~~~~~~~~~~~~~~~hexpand.c:48:48: error: format specifies type 'unsigned int' but the argument has type '__uint64_t' (aka 'unsigned long') [-Werror,-Wformat]        else sprintf(output+2*padding, "%016" PRIx32 ,htole64(8*length));                                        ~~~~~~        ^~~~~~~~~~~~~~~~~/usr/include/endian.h:75:22: note: expanded from macro 'htole64'#  define htole64(x) __uint64_identity (x)                     ^~~~~~~~~~~~~~~~~~~~~2 errors generated.Makefile:21: recipe for target 'hexpand.o' failed

这个就是系统文件的问题了，我查阅了当前的/usr/include/endian.h

# define htole64(x) __uint64_identity (x)

而查阅老系统版本的/usr/include/endian.h

# define htole64(x) (x)

所以这个问题的暂时解决方法，修改下hexpand.c文件

sed -i 's/htole64(8\*length)/(8\*length)/g' hexpand.c

再进行编译，报错：

clang hexpand.o main.o -o hexpand  -L/usr/local/ssl/lib -lssl -lcrypto/usr/local/ssl/lib/libcrypto.a(dso_dlfcn.o): In function `dlfcn_globallookup':dso_dlfcn.c:(.text+0x11): undefined reference to `dlopen'dso_dlfcn.c:(.text+0x24): undefined reference to `dlsym'dso_dlfcn.c:(.text+0x2f): undefined reference to `dlclose'/usr/local/ssl/lib/libcrypto.a(dso_dlfcn.o): In function `dlfcn_bind_func':dso_dlfcn.c:(.text+0x374): undefined reference to `dlsym'dso_dlfcn.c:(.text+0x432): undefined reference to `dlerror'/usr/local/ssl/lib/libcrypto.a(dso_dlfcn.o): In function `dlfcn_bind_var':dso_dlfcn.c:(.text+0x4a7): undefined reference to `dlsym'dso_dlfcn.c:(.text+0x562): undefined reference to `dlerror'/usr/local/ssl/lib/libcrypto.a(dso_dlfcn.o): In function `dlfcn_load':dso_dlfcn.c:(.text+0x5c8): undefined reference to `dlopen'dso_dlfcn.c:(.text+0x62d): undefined reference to `dlclose'dso_dlfcn.c:(.text+0x665): undefined reference to `dlerror'/usr/local/ssl/lib/libcrypto.a(dso_dlfcn.o): In function `dlfcn_pathbyaddr':dso_dlfcn.c:(.text+0x701): undefined reference to `dladdr'dso_dlfcn.c:(.text+0x75f): undefined reference to `dlerror'/usr/local/ssl/lib/libcrypto.a(dso_dlfcn.o): In function `dlfcn_unload':dso_dlfcn.c:(.text+0x7b2): undefined reference to `dlclose'clang: error: linker command failed with exit code 1 (use -v to see invocation)Makefile:19: recipe for target 'hexpand' failed

这也是新版OpenSSL的问题，只要加上-ldl -lpthread进行编译即可，编辑Makefile文件

sed -i 's/--libs openssl)/& -ldl -lpthread /g' Makefile

最后就可以顺利编译成功。

转载于:https://www.cnblogs.com/pcat/p/7668989.html

你可能感兴趣的文章

java 获取颜色_java关于照片属性的获取，颜色模式