Motho, joalo ka ha u tseba, ke sebopuoa se botsoa.
Mme le ho feta ha ho tluoa tabeng ea ho khetha password e matla.
Ke nahana hore mookameli e mong le e mong o kile a tobana le bothata ba ho sebelisa li-passwords tse bobebe le tse tloaelehileng. Ketsahalo ena e atisa ho etsahala har'a lihlopha tse ka holimo tsa tsamaiso ea khampani. E, ho joalo, hantle har'a ba nang le phihlello ea tlhahisoleseling ea lekunutu kapa ea khoebo mme e ka ba ntho e sa rateheng ho felisa litlamorao tsa ho lutla ha password / ho qhekella le liketsahalo tse ling.
Ts'ebetsong ea ka, ho ne ho e-na le nyeoe ha, sebakeng sa Active Directory se nang le leano la phasewete le nolofalitsoeng, li-accounting li ile tsa fihla khopolong ea hore phasewete e kang "Pas$w0rd1234" e lumellana hantle le litlhoko tsa pholisi. Liphello e bile tšebeliso e atileng ea password ena hohle. Ka linako tse ling o ne a fapana ka palo ea hae feela.
Ke ne ke hlile ke batla ho se khone ho lumella leano la password feela le ho hlalosa sehlopha sa litlhaku, empa hape le ho sefa ka bukantswe. Ho qhelela ka thoko monyetla oa ho sebelisa li-password tse joalo.
Ka mosa Microsoft e re tsebisa ka sehokelo hore mang kapa mang ea tsebang ho tšoara komporo, IDE ka nepo matsohong a bona mme a tseba ho bitsa C ++ ka nepo, o khona ho bokella laebrari eo ba e hlokang le ho e sebelisa ho latela kutloisiso ea bona. Mohlanka oa hao ea ikokobelitseng ha a khone ho etsa sena, kahoo ke ile ka tlameha ho batla tharollo e seng e lokisitsoe.
Kamora ho batla hora e telele, ho ile ha senoloa mekhoa e 'meli ea ho rarolla bothata. Ehlile, ke bua ka tharollo ea OpenSource. Ntle le moo, ho na le likhetho tse lefuoang - ho tloha qalong ho isa qetellong.
Khetho ea #1.
Ha ho so be le boitlamo hona joale ka lilemo tse ka bang 2. Sehokelo sa matsoalloa se sebetsa nako le nako, u tlameha ho se lokisa ka letsoho. E iketsetsa litšebeletso tse fapaneng. Ha u nchafatsa faele ea password, DLL ha e ikhethele litaba tse fetotsoeng; o hloka ho emisa ts'ebeletso, ema nako e felile, hlophisa faele, ebe o qala ts'ebeletso.
Ha ho leqhoa!
Khetho ea #2.
Morero o sebetsa, o phela mme ha ho hlokahale le ho raha 'mele o batang.
Ho kenya filthara ho kenyelletsa ho kopitsa lifaele tse peli le ho etsa lipehelo tse 'maloa tsa ngoliso. Faele ea password ha e koalehe, ke hore, e fumaneha bakeng sa ho hlophisoa, 'me ho latela mohopolo oa mongoli oa morero, e baloa hang ka motsotso. Hape, ka ho sebelisa litlatsetso tse ling tsa ngoliso, o ka tsoela pele ho hlophisa filthara ka boyona esita le menahano ea leano la password.
Joale, joale.
Fuoa: Active Directory domain test.local
Windows 8.1 test workstation (ha e bohlokoa molemong oa bothata)
senotlolo sa password PassFiltEx
- Khoasolla tokollo ea morao-rao ho tsoa sehokelong
- Kopitsa PassFiltEx.dll в C: WindowsSystem32 (kapa %SystemRoot%Sistimi32).
Kopitsa PassFiltExBlacklist.txt в C: WindowsSystem32 (kapa %SystemRoot%Sistimi32). Haeba ho hlokahala, re e tlatsa ka li-template tsa rona
- Ho fetola lekala la registry: HKLMSYSTEMCurrentControlSetControlLsa => Liphutheloana tsa Tsebiso
Eketsa PassFiltEx ho isa qetellong ya lenane. (Katoloso ha e hloke ho hlalosoa.) Lethathamo le felletseng la liphutheloana tse sebelisoang ho skena le tla shebahala tjena “rassfm scecli PassFiltEx".
- Qala hape domain name.
- Re pheta mokhoa o ka holimo bakeng sa balaoli bohle ba domain.
U ka kenyelletsa tse latelang tsa ngoliso, tse u fang monyetla oa ho sebelisa sefahla sena:
Khaolo: HKLMSOFTWAREPassFiltEx — e iketseditse.
- HKLMSOFTWAREPassFiltExBlacklistFileName, REG_SZ, Ea kamehla: PassFiltExBlacklist.txt
BlacklistFileName - e o lumella ho hlakisa tsela e tloaelehileng ea faele e nang le li-template tsa password. Haeba keno ena ea ngoliso e se na letho kapa e le sieo, joale ho sebelisoa tsela ea kamehla, e leng - %SystemRoot%Sistimi32. U ka hlakisa tsela ea marang-rang, EMPA u lokela ho hopola hore faele ea template e tlameha ho ba le tumello e hlakileng ea ho bala, ho ngola, ho hlakola, ho fetola.
- HKLMSOFTWAREPassFiltExTokenPercentageOfPassword, REG_DWORD, Ea kamehla: 60
TokenPercentageOfPassword - e o lumella ho hlakisa liperesente tsa mask ho password e ncha. Boleng ba kamehla ke 60%. Mohlala, haeba liperesente tse etsahalang ke 60 mme likhoele tsa linaleli li le faeleng ea template, joale password. Starwars1! e tla hanoa ha password linaleli1!DarthVader88 e tla amoheloa hobane peresente ea khoele ho password e ka tlase ho 60%
- HKLMSOFTWAREPassFiltExRequireCharClasses, REG_DWORD, Ea kamehla: 0
RequireCharClasses - e u lumella ho holisa litlhoko tsa password ha u bapisoa le litlhoko tse tloaelehileng tsa ho rarahana ha password ea ActiveDirectory. Litlhokahalo tsa ho rarahana tse hahelletsoeng ka hare li hloka mefuta e 3 ho e 5 e ka bang teng ea mefuta e fapaneng ea litlhaku: Litlhaku tse kholo, tse nyane, tsa Digit, tse Khethehileng, le Unicode. U sebelisa mokhoa ona oa ho ngolisa, u ka beha litlhoko tsa ho rarahana ha password. Boleng bo ka hlalosoang ke sehlopha sa li-bits, tseo e 'ngoe le e' ngoe e leng matla a tšoanang a tse peli.
Ke hore, 1 = litlhaku tse nyane, 2 = litlhaku tse kholo, 4 = palo, 8 = tlhaku e khethehileng, le 16 = tlhaku ea Unicode.
Kahoo ka boleng ba 7 litlhoko e tla ba "Upper Case" LE litlhaku tse nyane LE digit", 'me ka boleng ba 31 - "Ntho e phahameng LE kgetsi e nyane LE nomoro LE letshwao le ikgethang LE Sebopeho sa Unicode."
U ka ba ua kopanya - 19 = "Ntho e kholo LE kgetsi e nyane LE Sebopeho sa Unicode." -
Melao e mengata ha u theha faele ea template:
- Lithempleite ha li na kutloelo-bohloko. Ka hona, ho kenya file linaleli и StarWarS e tla ikemisetsa ho ba boleng bo tšoanang.
- Faele ea blacklist e baloa hape metsotsoana e meng le e meng e 60, kahoo o ka e hlophisa habonolo; kamora motsotso, data e ncha e tla sebelisoa ke sefe.
- Hajoale ha ho na tšehetso ea Unicode bakeng sa ho bapisa mohlala. Ke hore, o ka sebelisa litlhaku tsa Unicode ho li-password, empa sefahla se ke ke sa sebetsa. Sena ha se bohlokoa, hobane ha ke so bone basebelisi ba sebelisang li-password tsa Unicode.
- Ho eletsoa ho se lumelle mela e se nang letho faeleng ea template. Ka debug u ka bona phoso ha u kenya data ho tsoa faeleng. Sefahla se sebetsa, empa hobaneng ho na le mekhelo e eketsehileng?
Bakeng sa ho lokisa liphoso, polokelo ea litaba e na le lifaele tsa batch tse u lumellang hore u thehe logi ebe u e sebelisa, mohlala,
Setlhopha sena sa password se sebelisa Event Tracing bakeng sa Windows.
Mofani oa ETW oa sefe sena sa password ke 07d83223-7594-4852-babc-784803fdf6c5. Kahoo, ho etsa mohlala, o ka hlophisa ho lateloa ha ketsahalo ka mor'a ho qala bocha:
logman create trace autosessionPassFiltEx -o %SystemRoot%DebugPassFiltEx.etl -p "{07d83223-7594-4852-babc-784803fdf6c5}" 0xFFFFFFFF -ets
Ho ts'oara ho tla qala kamora hore sistimi e latelang e qale hape. Ho emisa:
logman stop PassFiltEx -ets && logman delete autosessionPassFiltEx -ets
Litaelo tsena kaofela li boletsoe mangolong StartTracingAtBoot.cmd и StopTracingAtBoot.cmd.
Bakeng sa tlhahlobo ea nako e le 'ngoe ea ts'ebetso ea filthara, u ka e sebelisa StartTracing.cmd и StopTracing.cmd.
E le hore u bale ka mokhoa o bonolo mokhoa oa ho tlosa bothata oa filthara ena Microsoft Message Analyzer Ho kgothaletswa ho sebelisa li-setting tse latelang:
Ha o emisa ho rema lifate le ho fetisa Microsoft Message Analyzer tsohle li shebahala tjena:
Mona u ka bona hore ho bile le teko ea ho beha phasewete bakeng sa mosebelisi - lentsoe la boselamose le re bolella sena SET ka debug. 'Me phasewete e ile ea hanoa ka lebaka la boteng ba eona faeleng ea thempleite le ho feta 30% e bapisa mongolong o kentsoeng.
Haeba teko e atlehileng ea ho fetola password e entsoe, re bona tse latelang:
Ho na le tšitiso e itseng bakeng sa mosebelisi oa ho qetela. Ha o leka ho fetola phasewete e kenyellelitsoeng lethathamong la li-template tsa faele, molaetsa o skrineng ha o fapane le molaetsa o tloaelehileng ha pholisi ea password e sa fetisoa.
Ka hona, itokisetse ho letsetsa le ho hoeletsa: "Ke kentse phasewete ka nepo, empa ha e sebetse."
Phello.
Laeborari ena e u lumella ho thibela tšebeliso ea li-password tse bonolo kapa tse tloaelehileng sebakeng sa Active Directory. Ha re re "Che!" li-password tse kang: “P@ssw0rd”, “Qwerty123”, “ADm1n098”.
E, ha e le hantle, basebelisi ba tla u rata le ho feta ka ho hlokomela ts'ireletso ea bona le tlhokahalo ea ho tla le li-passwords tse senyang kelello. 'Me, mohlomong, palo ea mehala le likopo tsa thuso ka password ea hau e tla eketseha. Empa tšireletso e tla ka theko.
Lihokelo tsa lisebelisoa tse sebelisitsoeng:
Sengoloa sa Microsoft mabapi le laeborari ea sefaele sa password ea tloaelo:
PassFiltEx:
Sehokelo sa ho lokolla:
Manane a li-password:
DanielMiessler o thathamisa:
Lenane la mantsoe ho tloha weakpass.com:
Lenane la mantsoe le tsoang ho berzerk0 repo:
Microsoft Message Analyzer:
Source: www.habr.com