# ebctf 2013: MD5 COLLIDING

## The Plan

We need…

1. a win32 binary which is able to produce all of the 5 different outputs
2. a way to create multiple files with the same MD5 (they checked for that, simply uploading the same file 5 times didn’t work)
3. a way to decide when to produce which output

## The Solution

After some googling we found the tool fastcoll, which generates MD5 collisions really fast (a CMake file to create the fastcoll binary is added at the end of this writeup). With fastcoll we were able to create multiple binaries with the same MD5, because appending the “same” block to two colliding inputs leads to the same MD5 again. It is also no problem to append some additional data to the end of a (win32) binary.
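The suffix property described above, as an added example that is not part of the original writeup: it uses the publicly known 128-byte collision pair from Wang et al. (2004) instead of fastcoll output, and the trailing data and file names are constructed. It also shows how a checker that compares a second hash (SHA-256) spots such uploads.

```python
import hashlib
from collections import defaultdict

# Publicly known 128-byte MD5 collision pair (Wang et al., 2004), not fastcoll output.
M1 = bytes.fromhex(
    "d131dd02c5e6eec4693d9a0698aff95c2fcab58712467eab4004583eb8fb7f89"
    "55ad340609f4b30283e488832571415a085125e8f7cdc99fd91dbdf280373c5b"
    "d8823e3156348f5bae6dacd436c919c6dd53e2b487da03fd02396306d248cda0"
    "e99f33420f577ee8ce54b67080a80d1ec69821bcb6a8839396f9652b6ff72a70"
)
# The second message differs from the first only in the top bit of six bytes.
M2 = bytearray(M1)
for offset in (19, 45, 59, 83, 109, 123):
    M2[offset] ^= 0x80
M2 = bytes(M2)


def md5(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def collides(a: bytes, b: bytes) -> bool:
    """True when two different byte strings share one MD5 digest."""
    return a != b and md5(a) == md5(b)


def find_md5_collisions(uploads: dict) -> list:
    """Checker-side view: group uploads by MD5 and report every group whose
    members are not byte-identical according to SHA-256."""
    by_md5 = defaultdict(list)
    for name, data in uploads.items():
        by_md5[md5(data)].append(name)
    return [
        sorted(names) for names in by_md5.values()
        if len({hashlib.sha256(uploads[n]).digest() for n in names}) > 1
    ]


if __name__ == "__main__":
    tail = b"constructed trailing data, stands in for the rest of a file"
    print("bare blocks collide:       ", collides(M1, M2))
    # Both messages leave MD5 in the same internal state, so an identical
    # suffix keeps the digests equal.
    print("same suffix still collides:", collides(M1 + tail, M2 + tail))
    # The pair only works from the state it was computed for; a different
    # prefix changes that state and the collision is gone.
    pad = b"\x00" * 64
    print("different prefix collides: ", collides(pad + M1, pad + M2))
    uploads = {"a.bin": M1 + tail, "b.bin": M2 + tail, "c.bin": b"unrelated"}
    print("flagged by checker:        ", find_md5_collisions(uploads))
```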

To test the online checking of the server, we decided to create a binary which connects back to one of our machines and sends us the filename. Surprisingly there were a lot of connections, many more than the 5 we expected (from the number of binaries we uploaded). It seems that this was a safeguard against lucky guessing: the binary was executed multiple times. More interesting was the fact that each name of the executed binary looked like `${randomdata}.${nr_of_binary}` (there were more deterministic parts in the random part, but I didn’t write them down during the CTF). So we changed the binary to print the specific output depending on the last char of the filename.

We uploaded the binaries and, voilà, got the flag.