Message-ID: <32464.1230681764@turing-police.cc.vt.edu>
Date: Tue, 30 Dec 2008 19:02:44 -0500
From: Valdis.Kletnieks@...edu
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Creating a rogue CA certificate
On Tue, 30 Dec 2008 15:29:54 PST, chort said:
> Assuming source code, or even full attack details, are published any
> time soon

http://www.win.tue.nl/hashclash/rogue-ca/ had reasonably complete details,
at least enough to make obviously clear that this is one attack that will
*not* make it into metasploit (which makes it pretty obvious that n3td3v did
not in fact read and comprehend that URL before commenting).

About the only part that isn't spelled out is in section 5.3.4:

"However, some crucial improvements to this method have been developed that
made the present application possible. Details of those improvements will be
published in a forthcoming academic paper."

And if you don't have a room full of PS3s, the FAQ at the bottom helpfully
tells you that the attack needed the equivalent of 32 CPU-years inside a 3-day
window, which tells you a 4,000 node botnet could probably work (again, outside
the feature list for metasploit). Presumably, a larger botnet would allow
a BFI attack that lacked the "crucial improvements".