How to ban standard passwords and make everyone hate you

Man, as you know, is a lazy creature.
And all the more so when it comes to choosing a strong password.

I think every administrator has faced the problem of users choosing simple, standard passwords. This often happens among the upper levels of company management. Yes, yes, precisely among those who have access to confidential or commercial information, and it would be extremely unpleasant to clean up after a password leak, a break-in and the incidents that follow.

In my practice there was a case when, in an Active Directory domain with a password policy enabled, the accountants independently arrived at the idea that a password like "Pas$w0rd1234" fits the policy requirements perfectly. The result was widespread use of this password everywhere. Sometimes it differed only in its set of digits.

I really wanted to be able not only to enable a password policy and define a character set, but also to filter against a dictionary, to rule out the possibility of using such passwords.

Microsoft kindly informs us via a link that anyone who knows how to hold a compiler and an IDE properly in their hands and can pronounce C++ correctly is able to build the library they need and use it as they see fit. Your humble servant is not capable of this, so I had to look for a ready-made solution.

After a long hour of searching, two options for solving the problem turned up. Of course, I am talking about OpenSource solutions. After all, there are plenty of paid options.

Option 1. OpenPasswordFilter

There have been no commits for about 2 years now. It creates its own separate service. When you update the password file, the DLL does not automatically pick up the changed contents; you have to stop the service, wait for the timeout, edit the file, and start the service.

Not great!

Option 2. PassFiltEx

The project is active and alive, and there is no need to kick a cold body.
Installing the filter involves copying two files and creating several registry entries. The password file is not locked, that is, it is available for editing and, as the project author intended, it is simply re-read once a minute. In addition, with extra registry entries you can further configure both the filter itself and nuances of the password policy.

So.
Given: Active Directory domain test.local
Windows 8.1 test workstation (not important for the purposes of the problem)
password filter PassFiltEx

  • Download the latest release from the PassFiltEx link.
  • Copy PassFiltEx.dll to C:\Windows\System32 (or %SystemRoot%\System32).
    Copy PassFiltExBlacklist.txt to C:\Windows\System32 (or %SystemRoot%\System32). If necessary, we supplement it with our own templates.
  • Edit the registry branch: HKLM\SYSTEM\CurrentControlSet\Control\Lsa => Notification Packages
    Add PassFiltEx to the end of the list. (The extension does not need to be specified.) The complete list of packages used for checking will look like this: «rassfm scecli PassFiltEx».
  • Reboot the domain controller.
  • Repeat the above procedure on all domain controllers.
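
The steps above as a script that can be re-run safely. This is an added example, not part of the original article or of the PassFiltEx project; the $Source parameter and the choice to keep an existing blacklist file are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added illustration of the steps above; run on each domain controller.
param(
    # Assumption: folder that holds the two files from the release archive
    [string]$Source = '.'
)
$ErrorActionPreference = 'Stop'

$system32 = Join-Path $env:SystemRoot 'System32'
$lsaKey   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$valName  = 'Notification Packages'

# Copy the filter DLL (this fails if an older copy is already loaded and locked).
# Keep an existing blacklist so local edits survive a re-run.
Copy-Item -Path (Join-Path $Source 'PassFiltEx.dll') -Destination $system32 -Force
$blacklist = Join-Path $system32 'PassFiltExBlacklist.txt'
if (-not (Test-Path -Path $blacklist)) {
    Copy-Item -Path (Join-Path $Source 'PassFiltExBlacklist.txt') -Destination $blacklist
}

# Read the REG_MULTI_SZ list and append PassFiltEx once, leaving other entries alone
$current = @((Get-ItemProperty -Path $lsaKey -Name $valName).$valName | Where-Object { $_ })
if ($current -notcontains 'PassFiltEx') {
    $updated = [string[]]($current + 'PassFiltEx')
    Set-ItemProperty -Path $lsaKey -Name $valName -Value $updated -Type MultiString
    "Notification Packages was: $($current -join ' ')"
}

# Show the result; the filter is loaded only after the restart from the next step
$final = (Get-ItemProperty -Path $lsaKey -Name $valName).$valName
"Notification Packages now: $($final -join ' ')"
"Restart this domain controller to load the filter."
```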

You can add the following registry entries, which give you more flexibility in using this filter:

Key: HKLM\SOFTWARE\PassFiltEx (created automatically).

  • HKLM\SOFTWARE\PassFiltEx\BlacklistFileName, REG_SZ, Default: PassFiltExBlacklist.txt

    BlacklistFileName: lets you specify a custom path to the file with password templates. If this registry entry is empty or missing, the default path is used, which is %SystemRoot%\System32. You can even specify a network path, BUT you must remember that the template file must have clear permissions for reading, writing, deleting and changing.

  • HKLM\SOFTWARE\PassFiltEx\TokenPercentageOfPassword, REG_DWORD, Default: 60

    TokenPercentageOfPassword: lets you specify what percentage of the new password a mask may occupy. The default value is 60%. For example, if the percentage is set to 60 and the string starwars is in the template file, then the password Starwars1! will be rejected, while the password starwars1!DarthVader88 will be accepted, because the share of the string in the password is less than 60%.

  • HKLM\SOFTWARE\PassFiltEx\RequireCharClasses, REG_DWORD, Default: 0

    RequireCharClasses: lets you extend the password requirements beyond the standard ActiveDirectory password complexity requirements. The built-in complexity requirements demand 3 of 5 possible character types: uppercase, lowercase, digit, special, and Unicode. With this registry entry you can set your own password complexity requirements. The value is a set of bits, each of which is the corresponding power of two.
    That is, 1 = lowercase, 2 = uppercase, 4 = digit, 8 = special character, and 16 = Unicode character.
    So with a value of 7 the requirements will be "uppercase AND lowercase AND digit", and with a value of 31, "uppercase AND lowercase AND digit AND special character AND Unicode character".
    You can even combine: 19 = "uppercase AND lowercase AND Unicode character".

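
How a RequireCharClasses value reads as "every set bit is mandatory", shown as a check you can run against a candidate password. This is an added example, not PassFiltEx code: the bit values come from the text above, while the function name and the regular expressions that decide what counts as "special" or "Unicode" are assumptions.

```powershell
# Bit values as listed in the article; the character tests are assumptions.
function Get-MissingCharClasses {
    param(
        [string]$Password,
        [int]$RequireCharClasses
    )
    $classes = @(
        @{ Bit = 1;  Name = 'lowercase'; Pattern = '[a-z]' },
        @{ Bit = 2;  Name = 'uppercase'; Pattern = '[A-Z]' },
        @{ Bit = 4;  Name = 'digit';     Pattern = '[0-9]' },
        @{ Bit = 8;  Name = 'special';   Pattern = '[!-/:-@\[-`{-~]' },
        @{ Bit = 16; Name = 'Unicode';   Pattern = '[^\x00-\x7F]' }
    )
    foreach ($c in $classes) {
        # A class is reported only when its bit is set AND the password lacks it
        if (($RequireCharClasses -band $c.Bit) -and ($Password -cnotmatch $c.Pattern)) {
            $c.Name
        }
    }
}

# Constructed sample passwords
Get-MissingCharClasses -Password 'password1' -RequireCharClasses 7    # uppercase is missing
Get-MissingCharClasses -Password 'Password1' -RequireCharClasses 19   # Unicode is missing
Get-MissingCharClasses -Password "P$([char]0xE4)ssw0rd!" -RequireCharClasses 31  # nothing missing
```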

A few rules for composing the template file:

  • Templates are case-insensitive. Therefore the file entries starwars and Starwars will be treated as the same value.
  • The blacklist file is re-read every 60 seconds, so you can edit it freely; a minute later the filter will be using the new data.
  • There is currently no Unicode support for pattern matching. That is, you can use Unicode characters in passwords, but the filter will not work. This is not critical, because I have not seen users who use Unicode passwords.
  • It is advisable not to allow empty lines in the template file. In the debug output you can see an error when data is loaded from the file. The filter works, but why have unnecessary exceptions?
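
A pre-flight check for a template file before it goes onto a domain controller, covering the rules above and the TokenPercentageOfPassword behaviour described earlier. This is an added example, not PassFiltEx code: the function names are hypothetical, and the matching rule (case-insensitive substring, rejected when the token's share of the password reaches the threshold) is an assumption derived from the article's starwars example.

```powershell
# Added illustration; the rules are assumptions taken from the article's text.
function Test-BlacklistFile {
    param([string[]]$Lines)
    $seen = @{}
    $n = 0
    foreach ($line in $Lines) {
        $n++
        if ([string]::IsNullOrWhiteSpace($line)) { "line ${n}: empty line"; continue }
        if ($line -cmatch '[^\x00-\x7F]') { "line ${n}: non-ASCII entry will not match" }
        $key = $line.ToLowerInvariant()
        if ($seen.ContainsKey($key)) {
            "line ${n}: duplicate of line $($seen[$key]) (matching ignores case)"
        } else { $seen[$key] = $n }
    }
}

function Test-CandidatePassword {
    param(
        [string]$Password,
        [string[]]$Tokens,
        [int]$TokenPercentageOfPassword = 60   # default value from the article
    )
    foreach ($token in @($Tokens | Where-Object { $_ })) {
        if ($Password.IndexOf($token, [System.StringComparison]::OrdinalIgnoreCase) -lt 0) { continue }
        $share = [math]::Floor(100 * $token.Length / $Password.Length)
        # Assumption: a share equal to the threshold also rejects
        if ($share -ge $TokenPercentageOfPassword) {
            return [pscustomobject]@{ Password = $Password; Accepted = $false; Token = $token; Share = $share }
        }
    }
    [pscustomobject]@{ Password = $Password; Accepted = $true; Token = $null; Share = 0 }
}

# Constructed sample list with an empty line, a case duplicate and a non-ASCII entry
$sample = 'starwars', '', 'Starwars', 'qwerty', "pass$([char]0xF6)rd"
Test-BlacklistFile -Lines $sample
# Starwars1! is rejected (share 80), starwars1!DarthVader88 is accepted (share 36)
'Starwars1!', 'starwars1!DarthVader88' |
    ForEach-Object { Test-CandidatePassword -Password $_ -Tokens $sample }
```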

For debugging, the repository contains batch files that let you create a log and then parse it with, for example, Microsoft Message Analyzer.
This password filter uses Event Tracing for Windows.

The ETW provider for this password filter is 07d83223-7594-4852-babc-784803fdf6c5. So, for example, you can configure event tracing to start after the next reboot:
logman create trace autosession\PassFiltEx -o %SystemRoot%\Debug\PassFiltEx.etl -p "{07d83223-7594-4852-babc-784803fdf6c5}" 0xFFFFFFFF -ets

Tracing will start after the next system boot. To stop it:
logman stop PassFiltEx -ets && logman delete autosession\PassFiltEx -ets
All of these commands are given in the scripts StartTracingAtBoot.cmd and StopTracingAtBoot.cmd.

For a one-off check of the filter's operation you can use StartTracing.cmd and StopTracing.cmd.
To read this filter's debug output conveniently in Microsoft Message Analyzer, it is recommended to use the following settings:


After you stop logging and parse the trace in Microsoft Message Analyzer, everything looks like this:


Here you can see that there was an attempt to set a password for a user; the magic word SET in the debug output tells us this. And the password was rejected because it is present in the template file and matches more than 30% of the entered text.

If the attempt to change the password succeeds, we see the following:


There is some inconvenience for the end user. When they try to change to a password that is on the list in the template file, the on-screen message does not differ from the standard message shown when the password policy is not met.


So, get ready for calls and shouting: "I entered the password correctly, but it doesn't work."

Summary.

This library lets you prohibit the use of simple or standard passwords in an Active Directory domain. Let's say "No!" to passwords like these: "P@ssw0rd", "Qwerty123", "ADm1n098".
Yes, of course, users will love you even more for such care about their security and for the need to come up with mind-blowing passwords. And, perhaps, the number of calls and requests for help with passwords will increase. But security comes at a price.

Links to the resources used:
Microsoft article on the custom password filter library: Password Filters
PassFiltEx: PassFiltEx
Release link: Latest Release
Password lists:
DanielMiessler lists: Link.
Wordlist from weakpass.com: Link.
Wordlist from the berzerk0 repo: Link.
Microsoft Message Analyzer: Microsoft Message Analyzer.

Source: www.habr.com
