md5sum against a tar.gz file from:
turns out to be:
instead of
Start your day with Yahoo! - make it your home page
http://www.yahoo.com/r/hs
Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

Seven King wrote:
md5sum against a tar.gz file from:

turns out to be:

instead of

Probably a bit shifted during your download:

/tmp$ md5sum apr-1.0.1.tar.gz
apr-1.0.1.tar.gz

Looks good to me.

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

I cant reproduce it

(root@fogheaven):~# wget

=`apr-1.0.1.tar.gz'
Resolving www.apache.org 192.87.106.226
Connecting to www.apache.org[192.87.106.226]:80 connected.
HTTP request sent, awaiting response 200 K
Length: 1,058,637 [application/x-gzip]

100%[
] 1,058,637 /s

12:31:28 (11.08 MB/s) - `apr-1.0.1.tar.gz' saved [1,058,637/1,058,637]

(root@fogheaven):~# md5sum apr-1.0.1.tar.gz
apr-1.0.1.tar.gz

(root@fogheaven):~# lynx

apr-1.0.1.tar.gz: 0A 3C B9 11 EA 18 23 CF A3 E5 86 38 92 77 47 05

Crg @ !dSR
www.digitalsec.net

Message
From: "Seven King" <sevenkingonline (AT) yahoo (DOT) com>
To: <full-disclosure (AT) lists (DOT) grok.org.uk>
Sent: Friday, July 22, 2005 12:18 PM
Subject: [Full-disclosure] apache.org files are infected?

md5sum against a tar.gz file from:

turns out to be:

instead of

>
>
>
>

Start your day with Yahoo! - make it your home page
http://www.yahoo.com/r/hs

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

The apr-1.0.1.tar.gz.md5 that I downloaded looks like:

apr-1.0.1.tar.gz: 0A 3C B9 11 EA 18 23 CF A3 E5 86 38 92 77 47 05

which is odd. And then,

md5sum apr-1.0.1.tar.gz
apr-1.0.1.tar.gz
-Andy

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

7/22/05, Larry Seltzer <larry (AT) larryseltzer (DOT) comwrote:
>>The apr-1.0.1.tar.gz.md5 that I downloaded looks like:
>>apr-1.0.1.tar.gz: 0A 3C B9 11 EA 18 23 CF A3 E5 86 38 92 77 47 05
>>which is odd. And then,
Why is this odd?
I've always only seen md5sums as long strings of letters and numbers.
I'm actually just now realizing that maybe they're really just a bunch
of hex pairs (?). It didn't look like a normal md5sum output to me
before, but now that I look at it closer, they are identical strings
of characters, but the strings themselves are not identical. md5sum -c
<fileon Linux did not work in this case.

>>md5sum apr-1.0.1.tar.gz
>apr-1.0.1.tar.gz
They look identical to me
What are you using to look at them?

Thanks.
-Andy

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/