quote:
Erm, surely it will increase you chances by a huge amount and reduce the potential processing time if you have several possible "clash" victims. You work out the SHA once, and then compare with all the signed stuff. Check if there's a match. Oh, and it doesn't have to be a dash - it can be any MS signed XBE surely?
unquote:
I see you're point know... I think...
More changes to find a correct hash then, But then there's a HUGE problem.
>> hashes are also checked against the total programdata-block. So; even if i find a know signed hash into one of the MS dashes; I can ONLY use it if it's exactly the same sise as the patched one!!!! Otherwise the .xbe file length is not the same anymore, and therefore ms signing is not ok anymore (it checks the lenght of .xbe too!)
Otherwise, into a certain .xbe are more programblocks; all with there own sha1 hash, verified into the header... If we change another datablock then to get the same filelenght of the original .xbe file; then this blokc is fals sha1 hashed.
The xbox kernal refuses to execute false sha1 hased programblocks, but if the ms signing is valid; and sha1 too, then it MIGHT be execute still the other parts; including owr own hashed one...
Anybody who knows more?
Are there MS signed files with BAD sha1 hashes already?
Author
Topic: Sha1 Hash Cracking Algoritm (Read 171 times)