SecuriTeam Blogs » Practical Exploiation of MD5 Collisions

Practical Exploiation of MD5 Collisions

September 23rd, 2005 by noam, Filed under: Commentary, Full Disclosure

A post at Code Project brings to light the first case I have seen to making two binary version of two different pieces of software that while both have the same MD5, one is dubbed evil while the other is dubbed good.

The evil piece of software can do anything good or evil that the good piece of software doesn’t, while still having the same MD5 signature.

For the time being the resulting binary files require an extractor to “release” the piece of software embedded within it, but this is no big deal as most of software you download from the Internet comes packed and requires some sort of an extractor or running an installation program.