Umuntu, njengoba wazi, uyisidalwa esivilaphayo.
Futhi nakakhulu uma kuziwa ekukhetheni iphasiwedi eqinile.
Ngicabanga ukuthi wonke umlawuli wake wabhekana nenkinga yokusebenzisa amaphasiwedi alula najwayelekile. Lesi simo sivame ukwenzeka phakathi kwezigaba eziphezulu zabaphathi benkampani. Yebo, yebo, phakathi kwalabo abakwazi ukufinyelela olwazini oluyimfihlo noma lwezohwebo futhi ngeke kube yinto efiselekayo ukuqeda imiphumela yokuvuza kwephasiwedi/ukugebenga nezinye izigameko.
Ekusebenzeni kwami, kube khona isimo lapho, esizindeni se-Active Directory esinenqubomgomo yephasiwedi enikwe amandla, ababhali bamabhuku ngokuzimela bafika emcabangweni wokuthi igama eliyimfihlo elifana ne-“Pas$w0rd1234” lilingana kahle nezimfuneko zenqubomgomo. Umphumela waba ukusetshenziswa kabanzi kwale phasiwedi yonke indawo. Ngezinye izikhathi wayehluka kuphela ngesethi yezinombolo zakhe.
Bengifuna ngempela ukungakwazi ukunika amandla inqubomgomo yephasiwedi kuphela nokuchaza isethi yezinhlamvu, kodwa futhi nokuhlunga ngesichazamazwi. Ukukhipha ithuba lokusebenzisa amaphasiwedi anjalo.
I-Microsoft isazisa ngomusa ngesixhumanisi sokuthi noma ubani owazi ukubamba i-comiler, i-IDE ngendlela efanele ezandleni zakhe futhi owazi ukubiza u-C++ ngendlela efanele, uyakwazi ukuhlanganisa umtapo wezincwadi awudingayo futhi awusebenzise ngokuvumelana nokuqonda kwakhe. Inceku yakho ethobekile ayikwazi ukwenza lokhu, ngakho kwadingeka ngibheke isixazululo esenziwe ngomumo.
Ngemva kwehora elide lokucinga, izindlela ezimbili zokuxazulula inkinga zembulwa. Yebo, ngikhuluma ngesixazululo se-OpenSource. Phela, kunezinketho ezikhokhelwayo - kusukela ekuqaleni kuze kube sekupheleni.
Inombolo yokukhetha 1.
Sekuyiminyaka engaba ngu-2 kungekho ukuzinikela. Isifaki somdabu sisebenza njalo, kufanele usilungise mathupha. Idala isevisi yayo ehlukile. Lapho ubuyekeza ifayela lephasiwedi, i-DLL ayikuthathi ngokuzenzakalelayo okuqukethwe okushintshiwe; udinga ukumisa isevisi, ulinde isikhathi sokuvala, uhlele ifayela, bese uqala isevisi.
Alikho iqhwa!
Inombolo yokukhetha 2.
Iphrojekthi iyasebenza, iyaphila futhi asikho isidingo sokukhahlela umzimba obandayo.
Ukufaka isihlungi kuhlanganisa ukukopisha amafayela amabili nokudala okufakiwe okuningana kokubhalisa. Ifayela lephasiwedi alikho ekuvaleni, okungukuthi, liyatholakala ukuze lihlelwe futhi, ngokombono wombhali wephrojekthi, lifundwa nje kanye ngomzuzu. Futhi, usebenzisa okufakiwe okungeziwe kokubhalisa, ungaqhubeka nokulungiselela kokubili isihlungi ngokwaso kanye nama-nuances wenqubomgomo yephasiwedi.
Kulungile-ke.
Kunikezwe: Isizinda Sesizinda Semibhalo Esebenzayo test.local
Indawo yokusebenza yokuhlola ye-Windows 8.1 (ayibalulekile ngenjongo yenkinga)
isihlungi sephasiwedi PassFiltEx
- Landa ukukhishwa kwakamuva kusukela kusixhumanisi
- Kopisha PassFiltEx.dll в C: i-WindowsSystem32 (noma %SystemRoot%System32).
Kopisha PassFiltExBlacklist.txt в C: i-WindowsSystem32 (noma %SystemRoot%System32). Uma kunesidingo, siyengeza ngezifanekiso zethu
- Ukuhlela igatsha lokubhalisa: HKLMSYSTEMCurrentControlSetControlLsa => Amaphakheji Ezaziso
Engeza I-PassFiltEx kuze kube sekugcineni kohlu. (Isandiso asidingi ukucaciswa.) Uhlu oluphelele lwamaphakheji asetshenziselwa ukuskena luzobukeka kanje “rassfm scecli PassFiltEx".
- Qalisa kabusha isilawuli sesizinda.
- Siphinda inqubo engenhla kubo bonke abalawuli besizinda.
Ungakwazi futhi ukwengeza okufakiwe kokubhalisa okulandelayo, okukunikeza ukuguquguquka okwengeziwe ekusebenziseni lesi sihlungi:
Isahluko: HKLMSOFTWAREPassFiltEx — idalwa ngokuzenzakalelayo.
- HKLMSOFTWAREPassFiltExBlacklistFileName, REG_SZ, Okuzenzakalelayo: PassFiltExBlacklist.txt
I-BlacklistFileName — ikuvumela ukuthi ucacise indlela yangokwezifiso eya efayeleni elinezifanekiso zephasiwedi. Uma lokhu kufakwa kokubhalisa kungenalutho noma kungekho, bese kusetshenziswa indlela ezenzakalelayo, okungukuthi - %SystemRoot%System32. Ungakwazi ngisho nokucacisa indlela yenethiwekhi, KODWA udinga ukukhumbula ukuthi ifayela lesifanekiso kufanele libe nezimvume ezicacile zokufunda, ukubhala, ukususa, ukushintsha.
- HKLMSOFTWAREPassFiltExTokenPercentageOfPassword, REG_DWORD, Okuzenzakalelayo: 60
I-TokenPercentageOfPassword — ikuvumela ukuthi ucacise iphesenti lemaski kuphasiwedi entsha. Inani elizenzakalelayo lingu-60%. Isibonelo, uma ukwenzeka kwephesenti kungu-60 futhi i-starwars yeyunithi yezinhlamvu ikufayela lesifanekiso, khona-ke iphasiwedi Izinkanyezi 1! izonqatshwa ngenkathi iphasiwedi starwars1!DarthVader88 izokwamukelwa ngoba iphesenti leyunithi yezinhlamvu kuphasiwedi ingaphansi kuka-60%
- HKLMSOFTWAREPassFiltExRequireCharClasses, REG_DWORD, Okuzenzakalelayo: 0
DingaCharClasses — ikuvumela ukuthi unwebe izimfuneko zephasiwedi uma kuqhathaniswa nezidingo ezijwayelekile zephasiwedi ye-ActiveDirectory. Izidingo eziyinkimbinkimbi ezakhelwe ngaphakathi zidinga izinhlobo ezi-3 kwezi-5 ezingaba khona zezinhlamvu: Osonhlamvukazi, Ofeleba Abancane, Idijithi, Okukhethekile, kanye ne-Unicode. Ngokusebenzisa lokhu kufakwa kokubhalisa, ungasetha izidingo zakho zephasiwedi eyinkimbinkimbi. Inani elingashiwo liyisethi yamabhithi, ngalinye elingamandla ahambisanayo amabili.
Okusho ukuthi, 1 = usonhlamvukazi, 2 = usonhlamvukazi, 4 = idijithi, 8 = uhlamvu olukhethekile, kanye no-16 = uhlamvu lwe-Unicode.
Ngakho-ke ngevelu engu-7 izimfuneko zizoba “Upper Case” FUTHI izinhlamvu ezincane FUTHI idijithi”, futhi enenani elingu-31 - “Uppercase FUTHI icala elincane FUTHI idijithi FUTHI uphawu olukhethekile FUTHI Uhlamvu lwe-Unicode."
Ungakwazi ngisho nokuhlanganisa - 19 = “Uppercase FUTHI icala elincane FUTHI Uhlamvu lwe-Unicode." -
Imithetho eminingana lapho udala ifayela lesifanekiso:
- Izifanekiso azinazwelo. Ngakho-ke, ukungena kwefayela I-star wars и I-star wars izonqunywa ukuthi inenani elifanayo.
- Ifayela lohlu oluvinjelwe liphinda lifundwe njalo ngemizuzwana engama-60, ukuze ukwazi ukulihlela kalula; ngemva komzuzu, idatha entsha izosetshenziswa isihlungi.
- Okwamanje akukho usekelo lwe-Unicode lokufanisa iphethini. Okusho ukuthi, ungasebenzisa izinhlamvu ze-Unicode kumaphasiwedi, kodwa isihlungi ngeke sisebenze. Lokhu akubalulekile, ngoba angikaze ngibone abasebenzisi abasebenzisa amaphasiwedi e-Unicode.
- Kuyatuseka ukuthi ungavumeli imigqa engenalutho efayeleni lesifanekiso. Ku-debug ungabona iphutha lapho ulayisha idatha efayelini. Isihlungi siyasebenza, kodwa kungani kunezimo ezengeziwe?
Ukuze ulungise iphutha, ingobo yomlando iqukethe amafayela e-batch akuvumela ukuthi udale ilogu bese uyihlaziya usebenzisa, isibonelo,
Lesi sihlungi sephasiwedi sisebenzisa Ukulandelela Umcimbi ku-Windows.
Umhlinzeki we-ETW walesi sihlungi sephasiwedi ngu 07d83223-7594-4852-babc-784803fdf6c5. Ngakho-ke, ngokwesibonelo, ungamisa ukulandelelwa komcimbi ngemva kokuqalisa kabusha okulandelayo:
logman create trace autosessionPassFiltEx -o %SystemRoot%DebugPassFiltEx.etl -p "{07d83223-7594-4852-babc-784803fdf6c5}" 0xFFFFFFFF -ets
Ukulandelela kuzoqala ngemva kokuqalisa kabusha isistimu elandelayo. Kuzoma:
logman stop PassFiltEx -ets && logman delete autosessionPassFiltEx -ets
Yonke le miyalo icaciswe emibhalweni StartTracingAtBoot.cmd и StopTracingAtBoot.cmd.
Ukuze uthole isheke lesikhathi esisodwa sokusebenza kwesihlungi, ungasebenzisa QalaTracing.cmd и StopTracing.cmd.
Ukuze ufunde kalula ukuqeda iphutha kwalesi sihlungi I-Microsoft Message Analyzer Kunconywa ukusebenzisa izilungiselelo ezilandelayo:
Lapho umisa ukungena nokuhlahlela I-Microsoft Message Analyzer konke kubukeka kanjena:
Lapha ungabona ukuthi kube nomzamo wokusethela umsebenzisi iphasiwedi - igama eliwumlingo lisitshela lokhu SET ekulungiseni iphutha. Futhi iphasiwedi inqatshiwe ngenxa yokuba khona kwayo kufayela lesifanekiso kanye nokufana okungaphezu kuka-30% embhalweni ofakiwe.
Uma kwenziwa umzamo oyimpumelelo wokushintsha iphasiwedi, sibona okulandelayo:
Kunokuphazamiseka okuthile kumsebenzisi wokugcina. Uma uzama ukushintsha iphasiwedi efakwe ohlwini lwefayela lezifanekiso, umlayezo osesikrinini awuhlukile kumlayezo ojwayelekile lapho inqubomgomo yephasiwedi ingadluliswa.
Ngakho-ke, zilungiselele izingcingo nokumemeza: "Ngifake iphasiwedi ngendlela efanele, kodwa ayisebenzi."
Ingqikithi.
Le labhulali ikuvumela ukuthi uvimbele ukusetshenziswa kwamagama ayimfihlo alula noma ajwayelekile kusizinda sohlu lwemibhalo olusebenzayo. Ake sithi "Cha!" amaphasiwedi afana nokuthi: “P@ssw0rd”, “Qwerty123”, “ADm1n098”.
Yebo, kunjalo, abasebenzisi bazokuthanda nakakhulu ngokunakekela okunjalo ukuphepha kwabo kanye nesidingo sokuza namaphasiwedi ahlaba umxhwele. Futhi, mhlawumbe, inani lezingcingo nezicelo zosizo ngephasiwedi yakho zizokhula. Kodwa ukuvikeleka kuza ngentengo.
Izixhumanisi zezinsiza ezisetshenzisiwe:
I-athikili ye-Microsoft mayelana nelabhulali yesihlungi sephasiwedi yangokwezifiso:
PassFiltEx:
Isixhumanisi sokukhishwa:
Uhlu lwamaphasiwedi:
UDanielMiessler uhlu:
Uhlu lwamagama oluvela ku- weakpass.com:
Uhlu lwamagama oluvela ku-berzerk0 repo:
I-Microsoft Message Analyzer:
Source: www.habr.com