Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Pirated Windows 7 Builds Botnet with Trojan

14 May 2009   #51
andych

Windows 7 RTM Ultimate - Activated (Technet)
 
 

Quote   Quote: Originally Posted by PhreePhly View Post
From Software Integrity Checksum and Code Signing Vulnerability which is one of the exploits referenced from your reference:

Excerpt:
"It is important to note that the hash value shared by the two different files is a result of the collision construction process. We cannot target a given hash value, and produce a (meaningful) input bit string hashing to that given value. In cryptographic terms: our attack is an attack on collision resistance, not on preimage or second preimage resistance. This implies that both colliding files have to be specially prepared by the attacker, before they are published on a download site or presented for signing by a code signing scheme. Existing files with a known hash that have not been prepared in this way are not vulnerable."

Basically the MD5 exploit can create two files with the same hash, but it can't produce a file to match a given hash.

PhreePhly
Cleared that one up then.....lol

It did make for interesting reading.....and now my head hurts...


My System SpecsSystem Spec
.
14 May 2009   #52
darkassain

Windows 7 Ult x64(x2), HomePrem x32(x4), Server 08 (+VM), 08 R2 (VM) , SuSe 11.2 (VM), XP 32 (VM)
 
 

and that is where SHA-1 comes into play....
my source is my own knowledge and one of my favorite podcasts...
security now (link)...
specifically episode 35 where he explains crypto hashes...
basically while md5 collisions may take place
SHA-1 collisions are next to impossible....
remember 2^63 is alot of numbers...
but like always we are talking about probability...
there is a very very very very very very small chance that the hash is collisional and that you can build from there...
but the chance is so small that you might as well give up...

there is a saying that amateurs go to cryptography and professionals goes into stats...
Quote   Quote: Originally Posted by jimbo45 View Post
Hi all
It CAN be done using modern cryptology methods
BUT you need these in place to be able to do it.

1) The ENTIRE computing resources of the planet at your disposal
2) A time period longer than the estimated remaining lifetime of the Sun (around 4.5 Billion years - but mankind will be extinct LONG LONG before that).

Once we get into the realms of "Quantum Computing" then it can be done quickly and easily --in fact any current encryption - even DES 128 bit stuff etc etc can be broken -- the problem is that nobody has built a Quantum computer yet that contain more than a few "Qubits" which have a "coherence" i.e lifetime of more than a few seconds.

As far as people on these Forums are concerned if the set of Hashes match then the image is 100% OK. No if's, no Buts. It's just a fact - unless you've found a way of circumventing the laws of Physics and Mathematics.

Cheers
jimbo
im pretty sure you are talking about triple DES as a old plain DES key is only 56 bits long
My System SpecsSystem Spec
14 May 2009   #53
Win7User512

Windows 7 x64 / Same
 
 

This is ingenious. Much like that Conficker thing.
My System SpecsSystem Spec
.

14 May 2009   #54
holo88

Windows 7 Ultimate x32
 
 

I have NO IDEA what you guys are babbling about
oh well.

i guess logically people who even suspect their version is infected should just go to M$ and get a new clean copy and reinstall. and hope to whichever divinity they believe in, that their precious information hasn't been stolen.
My System SpecsSystem Spec
14 May 2009   #55
darkassain

Windows 7 Ult x64(x2), HomePrem x32(x4), Server 08 (+VM), 08 R2 (VM) , SuSe 11.2 (VM), XP 32 (VM)
 
 

Quote   Quote: Originally Posted by holo88 View Post
I have NO IDEA what you guys are babbling about
oh well.

i guess logically people who even suspect their version is infected should just go to M$ and get a new clean copy and reinstall. and hope to whichever divinity they believe in, that their precious information hasn't been stolen.
just look at the link i gave and listen to that podcast Crypto Issues (30), Crypto 102 (31), Symmetric Block Ciphers (33), and Public Key Cryptography (34) finally ending up with Cryptographic Hashes (35)....
that will give a good basic understanding of crypto (i like to think of it more like a crash course..) and will not be too hard to follow as they have transcripts so can follow along with what they say...
My System SpecsSystem Spec
14 May 2009   #56
holo88

Windows 7 Ultimate x32
 
 

wut?


lol.
guess im just tired, its 5am on my block.
My System SpecsSystem Spec
14 May 2009   #57
DrWho

Windows XP-Pro-SP3, Windows 7
 
 

I'm with 'holo88'......wazzzzzzz Upppppp?
My System SpecsSystem Spec
14 May 2009   #58
Satch

Windows 7
 
 

Quote   Quote: Originally Posted by redsoxm16 View Post
no no. Satch is referring to when Night Hawk was going on about some windows.old file and some russian stuff in it or something, which then led to him saying even if the hashes match up from a leaked build to a MS released build there can be a difference...
logic says there can't be a difference.
Satch is waiting for Night Hawk to prove logic wrong.
Correct me if i'm wrong Satch

edit: i don't want to be dragged into the whole Night Hawk/Satch thing.
i was just trying to clear up what i saw satch as saying
Yep, you are correct redsoxm16. And there is no Night Hawk/Satch thing! I've just simply asked a question (or proof) that I'm not getting a straight answer for.

Quote   Quote: Originally Posted by Plantje View Post
Ok, sorry, my bad
No worries.
My System SpecsSystem Spec
Reply

 Pirated Windows 7 Builds Botnet with Trojan




Thread Tools




Similar help and support threads
Thread Forum
Getting rid of a pirated copy of windows 7
Hi, I have recently been stupid enough to let someone install a ''genuine'' copy of windows 7 home premium on my computer and now it has all gone wrong, recognising that my copy is not genuine and insisting that I activate the account. Unfortuanetly the system restore does not work and I have...
Installation & Setup
Windows 7 Pirated version to Legit Win 7 Pro
I have a computer with a Win 7 Ultimate 64 bit operatiing system. I have taken hours setting it up only to find out that the win 7 product key was already used on another computer in my office. I have an unused Win Professional 7 64-bit I want to use. I tried simply using the new product key but of...
Installation & Setup
How to know if your windows 7 is pirated/illegal copy?
not that i have an illegal copy but just wondering how can you tell from the original/legal copy and the pirated/bootleg one?
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 17:50.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App