Munhu, sezvamunoziva, chisikwa chine usimbe.
Uye zvakatonyanya kana zvasvika pakusarudza password yakasimba.
Ini ndinofunga maneja wese akambosangana nedambudziko rekushandisa chiedza uye mapassword akajairwa. Ichi chiitiko chinowanzoitika pakati pepamusoro echelons yehutungamiri hwekambani. Hongu, hongu, chaizvo pakati peavo vanogona kuwana ruzivo rwakavanzika kana rwekutengesa uye zvingave zvakanyanya kusada kubvisa mhedzisiro yekuvuza / kubira password uye zvimwe zviitiko.
Mukuita kwangu, paive neimwe nyaya apo, muActive Directory domain ine password password inogoneswa, accountant vakazvimiririra vakauya kune zano rekuti password senge "Pas$w0rd1234" inokodzera zvinodiwa nepolicy zvakakwana. Mhedzisiro yaive kushandiswa kwakapararira kwepassword iyi kwese kwese. Dzimwe nguva aingosiyana nenhamba dzake chete.
Ini ndaida chaizvo kukwanisa kwete chete kugonesa password password uye kutsanangura seti yehunhu, asiwo kusefa neduramazwi. Kusabvisa mukana wekushandisa mapassword akadaro.
Microsoft inotizivisa nemutsa kuburikidza neicho chinongedzo chekuti chero munhu anoziva kubata komputa, IDE nemazvo mumaoko avo uye anoziva matauriro eC ++ nemazvo, anokwanisa kuunganidza raibhurari yavanoda uye kuishandisa zvinoenderana nekunzwisisa kwavo. Muranda wenyu akazvininipisa haakwanisi izvi, saka ndaifanira kutsvaga mhinduro yakagadzirira.
Mushure meawa yakareba yekutsvaga, sarudzo mbiri dzekugadzirisa dambudziko dzakaratidzwa. Ini, hongu, ndiri kutaura nezve OpenSource mhinduro. Mushure mezvose, pane zvakabhadharwa sarudzo - kubva pakutanga kusvika pakupedzisira.
Sarudzo #1.
Pange pasina kupihwa kweanoda makore 2. Iyo yemuno installer inoshanda pano neapo, unofanira kuigadzirisa nemaoko. Inogadzira sevhisi yayo yega. Paunenge uchigadziridza password faira, iyo DLL haitore otomatiki zvakashandurwa zvemukati; unofanirwa kumisa sevhisi, mirira nguva yekubuda, gadzirisa faira, uye tanga sevhisi.
Hapana ice!
Sarudzo #2.
Iyo purojekiti inoshanda, mhenyu uye hapana chikonzero chekukanda muviri unotonhora.
Kuisa sefa kunosanganisira kukopa mafaera maviri uye kugadzira akati wandei ekunyoresa. Iyo password faira haisi muchivharo, ndiko kuti, inowanikwa kuti igadziriswe uye, maererano nepfungwa yemunyori weprojekiti, inongoverengwa kamwe chete paminiti. Zvakare, uchishandisa ekuwedzera registry entries, unogona kuenderera mberi nekumisikidza ese arisefa pachayo uye kunyangwe nuances yepassword policy.
Zvakanaka, ipapo.
Yakapihwa: Active Directory domain test.local
Windows 8.1 test workstation (haina kukosha kune chinangwa chedambudziko)
password filter PassFiltEx
- Dhawunirodha ichangoburwa kubva pane iyi link
- Copy PassFiltEx.dll в C: WindowsSystem32 (kana %SystemRoot%System32).
Copy PassFiltExBlacklist.txt в C: WindowsSystem32 (kana %SystemRoot%System32) Kana zvichidikanwa, tinozviwedzera nematemplate edu
- Kugadzirisa bazi registry: HKLMSYSTEMCurrentControlSetControlLsa => Zviziviso Packages
Wedzera PassFiltEx kusvika kumagumo erondedzero. (Kuwedzera hakudi kutaurwa.) Rondedzero yakazara yemapakeji anoshandiswa pakuongorora anozoita seizvi “rassfm scecli PassFiltEx".
- Reboot the domain controller.
- Isu tinodzokorora maitiro ari pamusoro kune ese madomasi controller.
Iwe unogona zvakare kuwedzera zvinotevera registry zvinyorwa, izvo zvinokupa iwe kuchinjika mukushandisa iyi sefa:
Chitsauko: HKLMSOFTWAREPassFiltEx - inogadzirwa otomatiki.
- HKLMSOFTWAREPassFiltExBlacklistFileName, REG_SZ, Default: PassFiltExBlacklist.txt
BlacklistFileName - inokutendera kuti utaure nzira yetsika kune faira ine password templates. Kana iyi registry yekupinda isina kana isipo, ipapo nzira yekusarudzika inoshandiswa, inova - %SystemRoot%System32. Iwe unogona kutotsanangura nzira yetiweki, ASI iwe unofanirwa kuyeuka kuti iyo template faira inofanirwa kuve nemvumo dzakajeka dzekuverenga, kunyora, kudzima, kuchinja.
- HKLMSOFTWAREPassFiltExTokenPercentageOfPassword, REG_DWORD, Default: 60
TokenPercentageOfPassword - inokutendera kuti utaure chikamu chemask mune password nyowani. Iko kukosha kweiyo 60%. Semuyenzaniso, kana chikamu chechiitiko chiri makumi matanhatu uye tambo starwars iri mufaira retemplate, ipapo password. Starwars1! icharambwa apo password starwars1!DarthVader88 ichagamuchirwa nekuti chikamu chetambo mupassword iri pasi pe60%
- HKLMSOFTWAREPassFiltExRequireCharClasses, REG_DWORD, Default: 0
InodaCharClasses - inokutendera kuti uwedzere zvinodiwa papassword uchienzaniswa neyakajairwa ActiveDirectory password kuoma zvinodiwa. Izvo zvakavakwa-mukati zvakaoma zvinodikanwa zvinoda 3 pa5 anobvira marudzi akasiyana emavara: Uppercase, Lowercase, Digit, Special, uye Unicode. Uchishandisa iyi registry yekupinda, unogona kuseta yako password yakaoma zvinodiwa. Hukoshi hunogona kutsanangurwa seti yezvimedu, chimwe nechimwe chiri simba rinoenderana rezviviri.
Kureva kuti, 1 = mavara maduku, 2 = mavara makuru, 4 = digit, 8 = hunhu hwakakosha, uye 16 = Unicode character.
Saka nekukosha kwe7 izvo zvinodiwa zvingave "Upper Case" AND tsamba shoma AND digit", uye ine kukosha kwe31 - "Upper kesi AND lower case AND digit AND chiratidzo chakakosha AND Unicode character."
Unogona kusanganisa - 19 = "Upper kesi AND lower case AND Unicode character." -
Mitemo yakati wandei kana uchigadzira template faira:
- Ma templates haana nyaya. Naizvozvo, iyo faira yekupinda nyeredzi и StarWarS zvichange zvakatemwa kuva noukoshi hwakafanana.
- Iyo blacklist faira inoverengwazve ese makumi matanhatu masekonzi, saka iwe unogona kuigadzirisa zviri nyore; mushure meminiti, iyo data nyowani ichashandiswa nesefa.
- Ikozvino hapana Unicode inotsigira yekufananidza pateni. Kureva kuti, unogona kushandisa Unicode mavara mumapassword, asi iyo sefa haishande. Izvi hazvina kunetsa, nekuti ini handisati ndaona vashandisi vanoshandisa Unicode mapassword.
- Zvinokurudzirwa kusatendera mitsetse isina chinhu mufaira retemplate. Mune debug iwe unogona kuona chikanganiso paunenge uchirodha data kubva kufaira. Iyo sefa inoshanda, asi nei iyo yekuwedzera kunze?
Nekugadzirisa, iyo archive ine batch mafaera anotendera iwe kuti ugadzire irogi wobva wariparura uchishandisa, semuenzaniso,
Iyi password filter inoshandisa Chiitiko Kutsvaga kweWindows.
Iyo ETW mupi weiyi password sefa ndeye 07d83223-7594-4852-babc-784803fdf6c5. Saka, semuenzaniso, iwe unogona kugadzirisa chiitiko chekutevera mushure meiyo inotevera reboot:
logman create trace autosessionPassFiltEx -o %SystemRoot%DebugPassFiltEx.etl -p "{07d83223-7594-4852-babc-784803fdf6c5}" 0xFFFFFFFF -ets
Kutsvaga kunotanga mushure meiyo inotevera system reboot. Kumisa:
logman stop PassFiltEx -ets && logman delete autosessionPassFiltEx -ets
Mirairo iyi yese inotsanangurwa muzvinyorwa StartTracingAtBoot.cmd и StopTracingAtBoot.cmd.
Kwenguva imwe chete cheki chekushanda kwesefa, unogona kushandisa StartTracing.cmd и StopTracing.cmd.
Kuti uverenge zviri nyore debug kupera kweiyi sefa mukati Microsoft Message Analyzer Zvinokurudzirwa kushandisa zvinotevera marongero:
Pakumisa kutema nekuparura mukati Microsoft Message Analyzer zvese zvinotaridzika seizvi:
Pano iwe unogona kuona kuti pakanga paine kuyedza kuseta password yemushandisi - izwi remashiripiti rinotiudza izvi Isai in debug. Uye iyo password yakarambwa nekuda kwekuvapo kwayo mufaira retemplate uye kupfuura 30% match mune yakapinda mameseji.
Kana kuedza kwakabudirira kuchinja password kwaitwa, tinoona zvinotevera:
Pane kumwe kusagadzikana kune yekupedzisira mushandisi. Paunoyedza kushandura password inosanganisirwa mune runyorwa rwematemplate faira, meseji iri pachiratidziro haina kusiyana neyakajairwa meseji kana mutemo wepassword usina kupfuudzwa.
Naizvozvo, gadzirira kufona uye kushevedzera: "Ndakaisa password nemazvo, asi hazvishande."
Chinokosha.
Raibhurari iyi inobvumidza iwe kurambidza kushandiswa kwemapassword akareruka kana akajairwa muActive Directory domain. Ngatiti "Kwete!" mapassword akaita se: “P@ssw0rd”, “Qwerty123”, “ADm1n098”.
Hongu, hongu, vashandisi vachakuda iwe zvakanyanya nekuda kwekutarisira kwavo kuchengetedzeka uye kukosha kwekuuya nemapassword anofenda. Uye, pamwe, nhamba yekufona uye zvikumbiro zvekubatsira nepassword yako zvichawedzera. Asi kuchengeteka kunouya nemutengo.
Links kune zviwanikwa zvakashandiswa:
Chinyorwa cheMicrosoft chine chekuita neraibhurari yefivha password:
PassFiltEx:
Release link:
Mazita epassword:
DanielMiessler anonyora:
Wordlist kubva kune weakpass.com:
Wordlist kubva berzerk0 repo:
Microsoft Message Analyzer:
Source: www.habr.com