Ngesinye isikhathi ngo-2014, ezindaweni zokulahla izihlahla zomthombo we-BSD 3, ngathola ifayela enamagama ayimfihlo abo bonke omakadebona abafana noDennis Ritchie, uKen Thompson, uBrian W. Kernighan, uSteve Born noBill Joy.
Kulawa ma-hashi, i-algorithm isetshenzisiwe kususelwa ku-DES - eyaziwa ngobuthaka bayo (kanye nephasiwedi enobude obuyizinhlamvu eziyi-8). Ngakho-ke ngicabange ukuthi kuzoba lula ukuqhekeza lawa magama-mfihlo ukuze ujabule.
Sithatha i-bruter ejwayelekile и .
Ngokushesha, ngiqhekeze amaphasiwedi amaningi, amaningi awo abebuthakathaka kakhulu (ngokumangazayo, i-bwk isebenzise iphasiwedi /.,/.,, - kulula ukuthayipha kukhibhodi ye-QWERTY).
Kodwa iphasiwedi kaKen yayingenakwephulwa. Ngisho nokusesha okuphelele kwazo zonke izinhlamvu ezincane nezinombolo (izinsuku ezimbalwa ngo-2014) akuzange kunikeze umphumela. Njengoba i-algorithm yasungulwa nguKen Thompson noRobert Morris, ngangizibuza ukuthi yayiyini indaba. Ngiphinde ngabona ukuthi, uma kuqhathaniswa namanye ama-password hashing schemes afana ne-NTLM, i-crypt(3) ayisheshi ukusebenzisa amandla anonya (mhlawumbe ukwenziwa ngcono kancane).
Ingabe wayesebenzisa osonhlamvukazi noma ngisho nezinhlamvu ezikhethekile? (I-7-bit full brute force izothatha iminyaka emibili ku-GPU yesimanje).
Ekuqaleni kuka-Okthoba, lesi sihloko ohlwini lwamakheli , nami kanye nokudumala ngokuthi akakwazanga ukuqhekeza iphasiwedi ka-Ken.
Ekugcineni, namuhla u-Nigel Williams uveze le mfihlo:
Kusuka ku: Nigel Williams[i-imeyili ivikelwe]>
Isihloko: Re: [TUHS] Ibuyisela /etc/passwd amafayelaUKen uselungile
ZghOT0eRm4U9s:p/q2-q4!
Kuthathe izinsuku ezingaphezu kwezine ku-AMD Radeon Vega64 ku-hashcat cishe ku-930MH/s (labo abazi ukuthi i-hashrate iyaguquguquka futhi yehle ngasekupheleni).
Lena i-pawn yokuqala ehambisa izikwele ezimbili phakathi futhi uqale , ehambisana kahle kakhulu nayo .
Ngijabula kakhulu ngokuthi imfihlakalo ixazululiwe, futhi umphumela muhle kakhulu.
Source: www.habr.com