New SHA1 Attack ? Linux, UNIX Engineers Blog Fix
So I have some of the ingredients that we can talk about. We have a topic, we have a tool, and all that we need is a vulnerable application. We found a couple that had been used in CTFs, and one that also included some other interesting crypto challenges called CryptOMG by SpiderLabs. They published the solutions to the first and second challenges on their blog. This is the solution to the fifth challenge which is a hash length extension attack, and of course we will use hash_extender to do so. Installing CryptOMG is covered in Appendix A.
New SHA1 attack – Linux, UNIX engineers blog
Note: This is a very long script that downloads additional scripts and changes or adds many configurations on Linux servers. This blog has the highlights of what the script is doing to provide a fast reference guide to this attack. Some of the things that the script is doing are not documented in this blog post. The hash of the script is available at the end of this article. It has also been uploaded to VirusTotal.
Over 80% websites in the internet are vulnerable to hacks and attacks. In our role as hosting support engineers for web hosts, we perform periodic security scans and updates in servers to protect them from hacks.
This blog post won't go into the technical details on how the attacker gets into the ESXi hosts to execute the actual ransomware. This could for example be done through an RCE vulnerability such as the one for SLP in ESXi or through Active Directory->vCenter Server->ESXi, but also in other ways. A future blog post will analyze this in more detail and provide more suggested protections.