Txiv neej, raws li koj paub, yog ib tug neeg tub nkeeg.
Thiab txawm ntau li ntawd thaum nws los xaiv tus password muaj zog.
Kuv xav tias txhua tus thawj coj tau ntsib teeb meem ntawm kev siv lub teeb thiab tus qauv passwords. Qhov no tshwm sim feem ntau tshwm sim ntawm lub sab sauv echelons ntawm lub tuam txhab kev tswj. Yog lawm, yog, qhov tseeb ntawm cov neeg uas tau nkag mus rau cov ntaub ntawv zais lossis kev lag luam thiab nws yuav yog qhov tsis xav tau tshem tawm qhov tshwm sim ntawm lo lus zais nkag / hacking thiab teeb meem ntxiv.
Hauv kuv qhov kev coj ua, muaj ib rooj plaub thaum, nyob rau hauv Active Directory domain nrog ib tug password txoj cai enabled, accountants ntawm nws tus kheej tuaj rau lub tswv yim hais tias ib lo lus zais zoo li "Pas$w0rd1234" haum rau txoj cai txoj cai zoo kawg nkaus. Qhov tshwm sim yog qhov kev siv tus password no thoob plaws txhua qhov chaw. Qee lub sij hawm nws txawv ntawm nws cov lej xwb.
Kuv yeej xav kom muaj peev xwm tsis tau tsuas yog ua kom muaj tus password txoj cai thiab txhais cov cim cim, tab sis kuj lim los ntawm phau ntawv txhais lus. Txhawm rau tshem tawm qhov ua tau ntawm kev siv cov passwords zoo li no.
Microsoft ua siab zoo qhia peb ntawm qhov txuas uas txhua tus neeg uas paub yuav ua li cas tuav lub compiler, IDE kom raug ntawm lawv txhais tes thiab paub yuav ua li cas hais C ++ kom raug, muaj peev xwm sau cov tsev qiv ntawv uas lawv xav tau thiab siv raws li lawv txoj kev nkag siab. Koj tus tub qhe txo hwj chim tsis muaj peev xwm ua li no, yog li kuv yuav tsum tau nrhiav kev npaj npaj.
Tom qab ib teev ntev ntawm kev tshawb nrhiav, ob txoj hauv kev los daws qhov teeb meem tau tshwm sim. Kuv yog, ntawm chav kawm, tham txog kev daws teeb meem OpenSource. Tom qab tag nrho, muaj cov kev xaiv them nyiaj - txij thaum pib mus txog rau thaum xaus.
Xaiv tus lej 1.
Tsis muaj commits li 2 xyoos tam sim no. Tus neeg nruab ib txwm ua haujlwm txhua lub sijhawm tam sim no, koj yuav tsum kho nws tus kheej. Tsim nws cov kev pabcuam cais. Thaum hloov kho cov ntaub ntawv lo lus zais, DLL tsis tuaj yeem khaws cov ntsiab lus hloov pauv; koj yuav tsum nres qhov kev pabcuam, tos sijhawm sijhawm, kho cov ntaub ntawv, thiab pib qhov kev pabcuam.
Tsis muaj dej khov!
Xaiv tus lej 2.
Qhov project yog nquag, ciaj sia thiab tsis tas yuav ncaws lub cev txias.
Txhim kho lub lim yuav luam ob cov ntaub ntawv thiab tsim ntau cov ntawv sau npe. Cov ntaub ntawv lo lus zais tsis nyob hauv lub xauv, uas yog, nws muaj rau kev kho thiab, raws li lub tswv yim ntawm tus sau ntawm qhov project, nws tsuas yog nyeem ib zaug ib feeb. Tsis tas li ntawd, siv cov ntawv sau npe ntxiv, koj tuaj yeem teeb tsa ob qho tib si lim nws tus kheej thiab txawm tias cov nuances ntawm txoj cai password.
Yog li ntawd
Muab: Active Directory domain test.local
Windows 8.1 test workstation (tsis tseem ceeb rau lub hom phiaj ntawm qhov teeb meem)
password filter PassFiltEx
- Download tau qhov tseeb tso tawm ntawm qhov txuas
- Luam PassFiltEx.dll в C: WindowsSystem32 (los yog %SystemRoot%System32).
Luam PassFiltExBlacklist.txt в C: WindowsSystem32 (los yog %SystemRoot%System32). Yog tias tsim nyog, peb ntxiv nws nrog peb tus kheej cov qauv
- Hloov kho cov npe npe: HKLMSYSTEMCurrentControlSetControlLsa => Cov pob ntawv ceeb toom
Ntxiv PassFiltEx mus rau qhov kawg ntawm daim ntawv teev npe. (Qhov txuas ntxiv tsis tas yuav tsum tau teev tseg.) Daim ntawv teev tag nrho ntawm cov pob khoom siv rau kev luam theej duab yuav zoo li qhov no "rassfm scecli PassFiltEx".
- Reboot lub domain controller.
- Peb rov ua cov txheej txheem saum toj no rau tag nrho cov tswj hwm sau npe.
Koj tuaj yeem ntxiv cov ntawv sau npe hauv qab no, uas ua rau koj yooj yim dua hauv kev siv cov lim dej no:
Tshooj: HKLMSOFTWAREPassFiltEx - yog tsim tau.
- HKLMSOFTWAREPassFiltExBlacklistFileName, REG_SZ, Default: PassFiltExBlacklist.txt
BlacklistFileName - tso cai rau koj los qhia txog txoj kev cai rau cov ntaub ntawv nrog tus password templates. Yog tias qhov kev sau npe no khoob lossis tsis muaj nyob, ces txoj hauv kev raug siv, uas yog - %SystemRoot%System32. Koj tuaj yeem hais qhia txoj hauv kev network, TAB SIS koj yuav tsum nco ntsoov tias cov ntaub ntawv template yuav tsum muaj kev tso cai meej rau kev nyeem, sau, rho tawm, hloov.
- HKLMSOFTWAREPassFiltExTokenPercentageOfPassword, REG_DWORD, Default: 60
TokenPercentageOfPassword - tso cai rau koj txheeb xyuas qhov feem pua ntawm lub npog ntsej muag hauv tus password tshiab. Tus nqi qub yog 60%. Piv txwv li, yog tias qhov feem pua ntawm qhov tshwm sim yog 60 thiab txoj hlua starwars nyob rau hauv cov ntaub ntawv template, ces tus password Starwars1! yuav raug tsis lees paub thaum tus password starwars1! DarthVader88 yuav raug lees txais vim tias feem pua ntawm cov hlua hauv tus password tsawg dua 60%
- HKLMSOFTWAREPassFiltExRequireCharClasses, REG_DWORD, Default: 0
RequireCharClasses - tso cai rau koj los nthuav cov password yuav tsum tau muab piv rau tus qauv ActiveDirectory password complexity yuav tsum tau. Cov kev xav tau tsim hauv qhov nyuaj yuav tsum muaj 3 ntawm 5 qhov sib txawv ntawm cov cim: Uppercase, Lowercase, Digit, Tshwj xeeb, thiab Unicode. Siv qhov kev sau npe nkag, koj tuaj yeem teeb tsa koj tus password nyuaj uas yuav tsum tau ua. Tus nqi uas tuaj yeem teev tau yog ib txheej ntawm cov khoom, txhua tus yog lub zog sib xws ntawm ob.
Qhov ntawd yog - 1 = tus lej qis, 2 = tus lej loj, 4 = tus lej, 8 = tus cim tshwj xeeb, thiab 16 = tus cim Unicode.
Yog li nrog tus nqi ntawm 7 qhov kev xav tau yuav yog "Cov Ntaub Ntawv Loj" THIAB tus lej qis THIAB tus lej", thiab nrog tus nqi ntawm 31 - "Cov ntaub ntawv sab saud THIAB qis dua THIAB digit THIAB cim tshwj xeeb THIAB Unicode cim."
Koj tuaj yeem ua ke - 19 = “Cov ntaub ntawv sab saud THIAB qis dua THIAB Unicode cim." -
Muaj ntau txoj cai thaum tsim ib daim ntawv template:
- Templates yog cov ntaub ntawv tsis txaus ntseeg. Yog li ntawd, cov ntaub ntawv nkag lub hnub qub Tsov Rog и StarWarS yuav txiav txim siab tias tus nqi tib yam.
- Cov ntaub ntawv blacklist rov nyeem txhua txhua 60 vib nas this, yog li koj tuaj yeem hloov kho tau yooj yim; tom qab ib feeb, cov ntaub ntawv tshiab yuav raug siv los ntawm lub lim.
- Tam sim no tsis muaj kev txhawb nqa Unicode rau cov qauv sib piv. Ntawd yog, koj tuaj yeem siv cov cim Unicode hauv passwords, tab sis cov lim yuav tsis ua haujlwm. Qhov no tsis yog qhov tseem ceeb, vim kuv tsis tau pom cov neeg siv uas siv Unicode passwords.
- Nws raug nquahu kom tsis txhob tso cov kab khoob hauv cov ntaub ntawv template. Hauv kev debug koj tuaj yeem pom qhov yuam kev thaum thauj cov ntaub ntawv los ntawm cov ntaub ntawv. Lub lim ua haujlwm, tab sis vim li cas qhov kev zam ntxiv?
Rau kev debugging, lub archive muaj batch cov ntaub ntawv uas tso cai rau koj los tsim ib lub cav thiab ces parse nws siv, piv txwv li,
Tus password lim no siv Event Tracing rau Windows.
Tus neeg muab kev pabcuam ETW rau qhov lim password no yog 07d83223-7594-4852-babc-784803fdf6c5. Yog li, piv txwv li, koj tuaj yeem teeb tsa qhov xwm txheej taug qab tom qab rov pib dua hauv qab no:
logman create trace autosessionPassFiltEx -o %SystemRoot%DebugPassFiltEx.etl -p "{07d83223-7594-4852-babc-784803fdf6c5}" 0xFFFFFFFF -ets
Tracing yuav pib tom qab lub tom ntej no system reboot. Kom nres:
logman stop PassFiltEx -ets && logman delete autosessionPassFiltEx -ets
Tag nrho cov lus txib no tau teev tseg hauv cov ntawv sau StartTracingAtBoot.cmd и StopTracingAtBoot.cmd.
Rau kev kuaj ib zaug ntawm kev ua haujlwm lim, koj tuaj yeem siv StartTracing.cmd и StopTracing.cmd.
Txhawm rau kom yooj yim nyeem qhov debug tso tawm ntawm cov lim no hauv Microsoft lus Analyzer Nws raug nquahu kom siv cov chaw hauv qab no:
Thaum nres log thiab parsing nyob rau hauv Microsoft lus Analyzer txhua yam zoo li no:
Ntawm no koj tuaj yeem pom tias muaj kev sim teeb tsa tus password rau tus neeg siv - lo lus khawv koob qhia peb qhov no SET hauv debug. Thiab tus password raug tsis lees paub vim nws muaj nyob rau hauv cov ntaub ntawv template thiab ntau dua 30% match hauv cov ntawv nkag.
Yog tias kev sim hloov tus password ua tiav, peb pom cov hauv qab no:
Muaj qee qhov tsis yooj yim rau cov neeg siv kawg. Thaum koj sim hloov tus password uas muaj nyob rau hauv daim ntawv teev cov templates cov ntaub ntawv, cov lus ntawm lub vijtsam tsis txawv ntawm cov qauv lus thaum lo lus zais txoj cai tsis dhau.
Yog li ntawd, npaj rau kev hu thiab qw: "Kuv nkag mus rau tus password kom raug, tab sis nws tsis ua haujlwm."
Qhov txiaj ntsig.
Lub tsev qiv ntawv no tso cai rau koj los txwv tsis pub siv cov passwords yooj yim lossis tus qauv hauv Active Directory domain. Wb hais tias "Tsis yog!" passwords xws li: “P@ssw0rd”, “Qwerty123”, “ADm1n098”.
Yog lawm, tau kawg, cov neeg siv yuav hlub koj ntau dua rau kev saib xyuas lawv txoj kev nyab xeeb thiab xav tau los nrog cov lus zais siab. Thiab, tej zaum, tus xov tooj hu thiab thov kev pab nrog koj tus password yuav nce ntxiv. Tab sis kev ruaj ntseg los ntawm tus nqi.
Txuas mus rau cov ntaub ntawv siv:
Microsoft tsab xov xwm hais txog kev cai password lim tsev qiv ntawv:
PassFiltEx:
Tso link:
Cov npe password:
DanielMiessler cov npe:
Wordlist los ntawm weakpass.com:
Wordlist los ntawm berzerk0 repo:
Microsoft Message Analyzer:
Tau qhov twg los: www.hab.com