Help
RSS
API
Feed
Maltego
Contact
Domain > shattered.it
×
Welcome!
Right click nodes and scroll the mouse to navigate the graph.
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
DNS Resolutions
Date
IP Address
2023-08-27
216.239.38.21
(
ClassC
)
2024-08-02
172.67.183.231
(
ClassC
)
2024-10-27
104.21.18.238
(
ClassC
)
Port 80
HTTP/1.1 200 OKDate: Sun, 27 Aug 2023 23:18:30 GMTContent-Type: text/html; charsetutf-8Content-Length: 12111Vary: Accept-EncodingServer: nginx/1.17.8Last-Modified: Thu, 06 Jul 2017 15:52:57 GMTETag: 5 !DOCTYPE html>html langen>head> meta nameviewport contentwidthdevice-width, initial-scale1> link relstylesheet hrefhttps://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css> link relstylesheet hrefhttps://fonts.googleapis.com/css?familyOpen+Sans|Raleway|Inconsolata> link relstylesheet href/static/style.css> title>SHAttered/title>/head>body> div classcontainer> img src/static/logo.png altSHA-1 has shattered. classimg-fluid img-logo /> div classrow> div classcol-sm-6 col-sm-push-6 logo> a href/static/infographic.pdf onclickga(send, event, Infographic, Download); >img src/static/infographic-small.png altSHAttered classimg-fluid img-rounded img-main />/a> /div> div classcol-sm-6 col-sm-pull-6> p classfirst-line>We have broken SHA-1 in practice./p> p>This industry cryptographic hash function standard is used for digital signatures and file integrity verification, and protects a wide spectrum of digital assets, including credit card transactions, electronic documents, open-source software repositories and software updates./p> p> It is now practically possible to craft two colliding PDF files and obtain a SHA-1 digital signature on the first PDF file which can also be abused as a valid signature on the second PDF file. /p> p> For example, by crafting the two colliding PDF files as two rental agreements with different rent, it is possible to trick someone to create a valid signature for a high-rent contract by having him or her sign a low-rent contract. /p> p classtext-center>a onclickga(send, event, Infographic, Download); href/static/infographic.pdf>Infographic/a> | a onclickga(send, event, Paper, Download); href/static/shattered.pdf>Paper/a>/p> /div> /div> div classrow> div classcol-sm-6> h3>Attack proof/h3> p> Here are two PDF files that display different content, yet have the same SHA-1 digest. /p> br/>
Port 443
HTTP/1.1 200 OKDate: Sun, 27 Aug 2023 23:18:30 GMTContent-Type: text/html; charsetutf-8Content-Length: 12111Vary: Accept-EncodingServer: nginx/1.17.8Last-Modified: Thu, 06 Jul 2017 15:52:57 GMTETag: 5 !DOCTYPE html>html langen>head> meta nameviewport contentwidthdevice-width, initial-scale1> link relstylesheet hrefhttps://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css> link relstylesheet hrefhttps://fonts.googleapis.com/css?familyOpen+Sans|Raleway|Inconsolata> link relstylesheet href/static/style.css> title>SHAttered/title>/head>body> div classcontainer> img src/static/logo.png altSHA-1 has shattered. classimg-fluid img-logo /> div classrow> div classcol-sm-6 col-sm-push-6 logo> a href/static/infographic.pdf onclickga(send, event, Infographic, Download); >img src/static/infographic-small.png altSHAttered classimg-fluid img-rounded img-main />/a> /div> div classcol-sm-6 col-sm-pull-6> p classfirst-line>We have broken SHA-1 in practice./p> p>This industry cryptographic hash function standard is used for digital signatures and file integrity verification, and protects a wide spectrum of digital assets, including credit card transactions, electronic documents, open-source software repositories and software updates./p> p> It is now practically possible to craft two colliding PDF files and obtain a SHA-1 digital signature on the first PDF file which can also be abused as a valid signature on the second PDF file. /p> p> For example, by crafting the two colliding PDF files as two rental agreements with different rent, it is possible to trick someone to create a valid signature for a high-rent contract by having him or her sign a low-rent contract. /p> p classtext-center>a onclickga(send, event, Infographic, Download); href/static/infographic.pdf>Infographic/a> | a onclickga(send, event, Paper, Download); href/static/shattered.pdf>Paper/a>/p> /div> /div> div classrow> div classcol-sm-6> h3>Attack proof/h3> p> Here are two PDF files that display different content, yet have the same SHA-1 digest. /p> br/>
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]