Rainbow Tables: Maganar kalmar sirri mafi kuskurenka

Kada ka bari sunayensu masu launi su yaudare ku, wadannan abubuwa suna firgita.

Duk da yake kuna iya yin tunanin Rainbow Tables kamar yadda kayan ado masu kyau suke, waɗannan ba waɗannan za mu tattauna ba. A Rainbow Tables da muke magana game da ana amfani da su crack kalmomin shiga kuma su ne duk da haka wani kayan aiki a cikin ɗan hacker ya ever-girma arsenal.

Abin da heck ne Rainbow Tables? Ta yaya wani abu da irin wannan cute da sunan maras kyau zai zama cutarwa?

Ƙarin Ma'anar Bayan Bayanan Rainbow

Ba ni da mummunan mutumin da ya danna wani yatsin hannu a cikin uwar garke ko ma'aikata, sake sake shi, kuma ya gudu da shirin da ke kofe fayil din fayil na tsaro wanda ya ƙunshi sunayen mai amfani da kalmomin shiga zuwa ƙwaƙwalwar yatsa.

Kalmar sirri a cikin fayil an ɓoye saboda haka ba zan iya karanta su ba. Dole ne in ƙaddamar da kalmomin shiga a cikin fayil (ko akalla kalmar sirrin mai gudanarwa) don in iya amfani da su don samun dama ga tsarin.

Menene zaɓuɓɓukan don kalmomin sirri masu fashewa? Zan iya gwadawa da yin amfani da shirin fashewa na kalmar sirri mai karfi irin su John the Ripper, wanda ke biye da kalmar sirri, yana ƙoƙarin ganewa kowane haɗin haɗin kalmar sirri. Hanya na biyu shine don ɗaukar ƙamus ɗin ƙwaƙwalwar kalmomin shiga da ke ƙunshe da daruruwan dubban kalmomin kalmar sirri da aka saba amfani dashi kuma duba idan ya sami duk wani hits. Wadannan hanyoyi na iya ɗaukar makonni, watanni, ko ma shekaru idan kalmomin shiga suna da karfi.

Lokacin da kalmar "an gwada" akan tsarin da aka "ƙaddara" ta yin amfani da boye-boye don haka ba a aika kalmar sirri ta ainihi a cikin rubutu ba a cikin layin sadarwa. Wannan yana hana eavesdroppers daga sakonnin kalmar sirri. Harshen kalmar sirri tana kama da nau'in datti kuma yana da mahimmanci daban-daban fiye da kalmar sirrin asali. Kalmarka ta iya zama "shitzu" amma hash na kalmarka ta sirri zai yi kama da "7378347eedbfdd761619451949225ec1".

Don tabbatar da mai amfani, tsarin yana ɗaukar darajar hash ɗin da aka sanya ta hanyar haɗin kalmar sirri akan kwamfuta na kwamfutarka kuma ya kwatanta shi zuwa darajar haɗin da aka adana a cikin tebur akan uwar garke. Idan hass ya yi wasa, to an yi amfani da mai amfani da kuma ba shi dama.

Hashing kalmar sirri yana aiki ne guda ɗaya, yana nufin cewa ba za ka iya ragewa hash ba don ganin abin da ke cikin rubutu na kalmar sirri. Babu wani maɓalli don ƙaddamar da hash da zarar an halicce ta. Babu "zobe-ƙusa" idan kun so.

Maganganar ɓatacciyar kalmar sirri ta aiki ta hanyar kama hanya zuwa hanyar shiga. Shigar da farawa ta fara ne ta hanyar ɗaukar kalmomin sirri na nuni, ta guje su ta hanyar haɗin gwaninta, kamar MD5, sa'an nan kuma kwatanta hash kayan aiki tare da hashes a cikin fayil ɗin sirrin sace. Idan ya sami wasan sai shirin ya fashe kalmar sirri. Kamar yadda muka fada a baya, wannan tsari zai dauki lokaci mai tsawo.

Shigar da Tables na Rainbow

Rainbow Tables suna da babbar matsala masu yawa na Tables masu tsayayyen da ke cike da dabi'u masu haɗari waɗanda aka riga sun dace da kalmomin sirri na rubutu. A Rainbow Tables da gaske bada izinin hackers don sake mayar da aikin hashing don sanin abin da kalmar sirri bayyana. Yana yiwuwa ga kalmomi daban-daban don haifar da wannan hadari don haka ba mahimmanci ne don gano ainihin kalmar sirri ba, kamar dai yadda yake da wannan hadari. Maganganun rubutun kalmomi na iya ba ma zama kalmar sirri guda ɗaya wanda mai amfani ya halicci ba, amma idan dai hash ya dace, to babu abin da ainihin kalmar sirri ta kasance.

Yin amfani da launi na Rainbow yana ba da izini ga kalmomin shiga a cikin wani gajeren lokaci idan aka kwatanta da hanyoyin da aka yi amfani da hanzari, duk da haka, cinikin da ake amfani da shi shi ne cewa yana da yawa ajiya (wani lokacin Terabytes) don riƙe da Rainbow Tables kansu, Ajiye kwanakin nan yana da yawa kuma mai arziki don haka wannan cinikin ba kamar yadda babban yarjejeniya ba ne kamar yadda ya kasance shekaru goma da suka shude a lokacin da magoya bayan kabyte ba wani abu ba ne wanda za ka iya karba a Buy mafi kyau na gida.

Masu amfani da kaya za su iya sayen launi na Dangantaka masu tsattsauran ra'ayi don ƙwaƙwalwar kalmomin sirri na tsarin sarrafawa kamar Windows XP, Vista, Windows 7, da kuma aikace-aikace ta yin amfani da MD5 da SHA1 a matsayin ma'anar hasken kalmar sirri (yawancin masu amfani da yanar gizo suna amfani da waɗannan algorithms masu tasowa).

Ta yaya za a kare kanka kan Bakan Gizo-da-gidanka na Ruwan Tafiyayyen Tables?

Muna fatan akwai shawarwari mafi kyau game da wannan ga kowa. Muna so in ce cewa kalmar da ta fi karfi za ta taimaka, amma wannan ba gaskiya ba ne saboda ba shi da wani rauni na kalmar sirri da ke da matsala, yana da rauni da aka haɗa da aikin haɗari da ake amfani da su don ɓoye kalmar sirri.

Ƙarin shawara mai kyau da za mu iya ba masu amfani shine ka kauce daga aikace-aikacen yanar gizo wanda ke hana kalmar sirrinka ta sirri zuwa tsawon ɗan haruffa. Wannan shi ne alamar bayyanar ƙwaƙwalwar tabbatar da kalmar sirri ta tsofaffin ɗalibai. Tsawon wucewar kalmar wucewa da kuma rikitarwa na iya taimakawa kaɗan, amma ba tabbacin kariya ba ne. Yawancin kalmar sirrinku shine, mafi girma da aka fi sani da Rainbow Tables za su iya kwashe shi, amma mai dan gwanin kwamfuta mai yawa da albarkatun zai iya cimma wannan.

Shawararmu game da yadda za a kare kan Rainbow Tables yana nufin gaske ga masu samar da aikace-aikace da masu sarrafa tsarin. Suna kan layin gaba idan sun zo don kare masu amfani da irin wannan harin.

Ga wasu matakai masu tasowa akan kare kan Rainbow Table harin:

  1. Kada ku yi amfani da MD5 ko SHA1 a cikin kalmar sirri na kalmar sirrin ku. MD5 da SHA1 sune kalmar sirri da ke amfani da ita ta hanyar amfani da wadannan hanyoyi masu fashewa. Yi la'akari da yin amfani da hanyoyi masu tasowa na zamani kamar SHA2.
  2. Yi amfani da rubutun kalmomi "Gishiri" a cikin kalmar sirrinka ta sirri. Ƙara ma'anar Gizon rubutun zuwa kalmar sirrin motsinka na sirri zai taimaka kare kare amfani da Rainbow Tables da ake amfani da su don ƙuntata kalmomin shiga cikin aikace-aikacenku. Don ganin wasu alamu na ƙira na yadda za a yi amfani da gishiri na rubutun kalmomi don taimakawa ga "Tsarin Rainbow-Proof" aikace-aikacenku don Allah a duba shafin yanar gizon WebMasters By Design wanda yana da babban labarin akan batun.

Idan kana so ka ga yadda masu amfani da hackers suke amfani da amfani ta amfani da Tables na Rainbow, za ka iya karanta wannan labarin mai kyau game da yadda zaka yi amfani da waɗannan dabarun don farfado da kalmomin sirri naka.

Alike posts

Family Tree A yanzu: Yanar Gizo Mai Sauƙi da Gyara

Yanar gizo & Binciken

Yadda za a Canji Wibiyarka Wi-Fi

Yanar gizo & Binciken

Matakan Tsaro na Wayar Hanya da Ya kamata Ka Juya

Yanar gizo & Binciken

Kamfaninku na Kasuwanci ne Firayim Ministan Magana!

Yanar gizo & Binciken

Tips don kauce wa Cyber ​​Litinin Scams

Yanar gizo & Binciken

Yadda za a Yi amfani da Sarrafa iyaye na YouTube

Yanar gizo & Binciken

Shin Matsalar Tinder dinku zata zama Scam Bot?

Yanar gizo & Binciken

Ta yaya Cybercriminals Ya Bambanta daga Masu Laifin Shari'a

Yanar gizo & Binciken

Mafi kyawun masu bada sabis na VPN na 2018

Yanar gizo & Binciken

See Newest

Ta yaya za a hada fayiloli zuwa imel na imel

IPhone & iPod

Menene fayil ɗin ADMX?

Windows

Shafukan yanar gizo: Yadda za a nemo Blogs Kana Jin dadin yanar gizo

Yanar gizo & Binciken

SVS PB-2000 Subwoofer Review & Measures

Samfurin Kayan

PhoenixBIOS Beep Code Shirya matsala

Windows

HTML da XML Masu gyara don Linux da Unix

Zane Yanar Gizo & Bayani

Sapid posts

Iri na Rashin wutar lantarki masu sarrafawa

Windows

Mene ne hangen nesa a hoto?

Hotunan kyamarori

Samun Mafi Ayyuka Daga Tsarin Siriyo

Sayen Guje

Mtalk.net Review

Email & Saƙo

Tuntuɓi Windows Live Mail Support ko Sanya Bug

Email & Saƙo

Rubutun Mahimmanci Kalmomi ɗaya kalma ko ɗaya wasika a lokaci

Software

Yadda za a iya sabunta jerin waƙa a cikin Windows Media Player

Software & Ayyuka

102 Canje-canje Za Ka iya Yi don Inganta Blog naka a Yanzu

Yanar gizo & Binciken

Yi amfani da Akwatin Shafi na Excel don Kwafi Abubuwan Maɓalli Masu Magana da yawa

Software

Maganar Magana na 2010 da Footers

Software

Yadda za a Cire Geotags daga Hotuna Taken tare da iPhone

IPhone & iPod

Koyi da Linux Umurnin setfacl

Linux

Jagora don Shirya da Sauke Bidiyo zuwa Vimeo

Software & Ayyuka

Me ya sa nake wasa minecraft?

Gaming

Shin Gangasar, Volume, ko Sashe Dukkan Same?

Macs

Yadda za a tushen Your Android wayar

Android