Ngexesha elithile ngo-2014, kwi-BSD 3 yokulahla imithi yomthombo, ndifumene ifayile ngeepassword zawo onke amagqala afana noDennis Ritchie, uKen Thompson, uBrian W. Kernighan, uSteve Born kunye noBill Joy.
Kwezi hashes, i-algorithm isetyenzisiwe isekelwe kwi-DES - eyaziwayo ngobuthathaka bayo (kunye nobude obugqithisiweyo begama eliyimfihlo lamagama ayi-8). Ngoko ke ndiye ndacinga ukuba kuya kuba lula ukukrazula la magama ayimfihlo ngokuzonwabisa.
Sithatha i-bruter eqhelekileyo ΠΈ .
Ngokukhawuleza, ndiqhekeze amagama amaninzi ayimfihlo, uninzi lwawo lwalubuthathaka kakhulu (ngokumangalisayo, i-bwk isebenzise igama eliyimfihlo. /.,/.,, - kulula ukuyichwetheza kwikhibhodi ye-QWERTY).
Kodwa igama eliyimfihlo likaKen lalingaqhawuki. Nokuba uphando olupheleleyo lwazo zonke iileta ezincinci kunye namanani (iintsuku ezimbalwa ngo-2014) azizange zinike umphumo. Ekubeni i-algorithm yaphuhliswa nguKen Thompson noRobert Morris, ndandizibuza ukuba yintoni ingxaki. Ndaye ndaqaphela ukuba, xa kuthelekiswa nezinye izikimu ze-hashing ze-password ezinje nge-NTLM, i-crypt(3) iyacotha kwi-brute force (mhlawumbi yenziwe kancinci).
Ngaba wayesebenzisa oonobumba abakhulu okanye abakhethekileyo? (I-7-bit epheleleyo yamandla e-brute inokuthatha iminyaka emibini kwi-GPU yanamhlanje).
Ekuqaleni kuka-Oktobha, esi sihloko kuluhlu lokuposa , kwaye nam kunye nokuphoxeka kukuba engakwazi ukuqhekeza igama eliyimfihlo likaKen.
Ekugqibeleni, namhlanje uNigel Williams utyhile le mfihlelo:
Ivela ku: Nigel Williams[imeyile ikhuselwe]>
Umxholo: Re: [TUHS] Ukubuyisela /etc/passwd iifayileUKen ulungile
ZghOT0eRm4U9s:p/q2-q4!
Kuthathe ngaphezulu kweentsuku ezine kwi-AMD Radeon Vega64 kwi-hashcat malunga ne-930MH/s (abo basaziyo ukuba i-hashrate iyaguquguquka kwaye yehle ukuya esiphelweni).
Le yipawn yokuqala ehambisa izikwere ezibini ngaphakathi kwaye uqale , ehambelana kakuhle kakhulu nayo .
Ndivuya kakhulu ukuba imfihlelo yasonjululwa, kwaye umphumo umnandi kakhulu.
umthombo: www.habr.com