Made a quick and dirty program that I ran last night.
So it sends a request for a “work unit” on a different server I have running a PHP script that builds some simple XML that looks something like:
<assignment>
<type>MD5</type>
<hash>6ded1c8c8b157a391e618ca39eb11e39</hash>
<prefix>Ab$x</prefix>
</assignment>
The program grinds through building MD5 hashes using the prefix and the next 2 characters. Since this was just a test I’m only testing 126 characters so each work unit generates 15876 MD5 hashes and compares it to the target hash defined in the XML.
I made it so it’ll never find the hash because I wanted to test full work unit work so after it failed to find a match it returns its results to the server and requests a new assignment from the server.
Rinse. Repeat.
So I got 57 hits during the testing phase with a return of 1128 work units. This is roughly 18 million MD5 hashes tested.
I’m probably not going to pursue the MD5 collision thing (there’s much better ways of finding collisions instead of just brute forcing it anyway), but it’s an example of how hidden Flash applications can be used to put your traffic to work.
[...] network just by visiting a webpage. Deviating from the BOINC and Folding@Home models and my prior Flash-based distributed computing POC, I also wanted information sharing across the clients as opposed to a central location that [...]