On Tue, 30 Dec 2008 15:29:54 PST, chort said:

> Assuming source code, or even full attack details, are published any
> time soon

http://www.win.tue.nl/hashclash/rogue-ca/ had reasonably complete details, at least enough to make obviously clear that this is one attack that will *not* make it into metasploit (which makes it pretty obvious that n3td3v did not in fact read and comprehend that URL before commenting).

About the only part that isn't spelled out is in section 5.3.4:

"However, some crucial improvements to this method have been developed that made the present application possible. Details of those improvements will be published in a forthcoming academic paper."

And if you don't have a room full of PS3s, the FAQ at the bottom helpfully tells you that the attack needed the equivalent of 32 CPU-years inside a 3-day window, which tells you a 4,000 node botnet could probably work (again, outside the feature list for metasploit). Presumably, a larger botnet would allow a BFI attack that lacked the "crucial improvements".
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/