Wani wuri a cikin 2014, a cikin jujjuyawar bishiyar tushen BSD 3, na sami fayil tare da kalmomin sirri na duk tsoffin sojoji kamar Dennis Ritchie, Ken Thompson, Brian W. Kernighan, Steve Bourne da Bill Joy.
Algorithm da aka yi amfani da shi don waɗannan hashes shine tushen DES - wanda aka sani yana da rauni (kuma tare da iyakar kalmar sirri tsawon haruffa 8). Don haka na yi tunanin zai zama da sauƙi a fasa waɗannan kalmomin shiga don jin daɗi.
Muna ɗaukar daidaitattun bruters и .
Da sauri na fashe kalmomin sirri da yawa, yawancinsu suna da rauni sosai (abin sha'awa, bwk yayi amfani da kalmar sirri. /.,/.,, - yana da sauƙi a buga akan madannai na QWERTY).
Amma kalmar sirri ta Ken ta kasance ba za a iya buɗewa ba. Ko da cikakken binciken duk ƙananan haruffa da lambobi (kwanaki da yawa a cikin 2014) bai haifar da sakamako ba. Tun lokacin da Ken Thompson da Robert Morris suka haɓaka algorithm, Ina mamakin menene babban yarjejeniyar. Na kuma gane cewa, idan aka kwatanta da sauran tsare-tsaren hashing na kalmar sirri kamar NTLM, crypt(3) yana da jinkirin karyawa (watakila ba a inganta shi ba).
Shin da gaske ya yi amfani da manyan haruffa ko ma haruffa na musamman? (Cikakken ƙarfin 7-bit zai ɗauki fiye da shekaru biyu akan GPU na zamani).
A farkon Oktoba wannan batu a jerin aikawasiku , kuma I da takaicin cewa ta kasa fasa kalmar sirri ta Ken.
A karshe a yau Nigel Williams ya tona asirin:
Daga: Nigel Williams[email kariya]>
Maudu'i: Sake: [TUHS] Ana murmurewa /etc/passwd fayiloliKen ya shirya:
ZghOT0eRm4U9s:p/q2-q4!
Ya ɗauki fiye da kwanaki huɗu akan AMD Radeon Vega64 a cikin hashcat a kusan 930MH/s (waɗanda a cikin sani sun san cewa hashrate yana canzawa kuma yana raguwa zuwa ƙarshe).
Wannan shi ne motsi na farko na mai murabba'i biyu cikin da farkon , wanda ya dace sosai a ciki .
Na yi matukar farin ciki da an warware asirin, kuma sakamakon yana da daɗi sosai.
source: www.habr.com