Hi malware forum,
If you analyze our webforum, you see various JS script, one of these is Sha1 script used on the googlebot-spoofer output:
Sha1 script = A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined
- in FIPS PUB 180-1
- Version 2.1 Copyright Paul Johnston 2000 - 2002.
- Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
- Distributed under the BSD License
- See http://pajhome.org.uk/crypt/md5 for details.
How SHA-1.js can be used against dumb attacks for anti-phishing:
http://www.bizeul.org/apt-pvk.htm
And how js protection relates to other forms of anti-phishing protection can be found here:
http://www.bizeul.org/apt.htm
But SHA-1 is broken, read how:
http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
These should be used: SHA-224, SHA-256, SHA-384, and SHA-512
They’re already government standard, so they can be used…
polonus