Ka’idojin Mu’amala da “Password” (10)

Tsarin Kwance “Password”

Tsarin “layance “Password”” hanya ce da ake amfani da ita a wannan zami namu don baiwa bayanan mutane dake makare a kwamfutocin gidajen yanar sadarwa musamman, kariya daga kaiwa gare su ta hanyar da bata dace ba, kuma ba tare da izini ba.  Idan mai karatu bai manta ba har wa yau, a sadda nake bayar da ma’anar kamar “Password” na nuna cewa kalma ce da ake amfani da ita don tantance mai kokarin kaiwa ga wasu bayanai dake wani wuri tsararre.  A duk sadda dan Dandatsa (Hacker) ya samu isa ga wani rumbun adana bayanai mai dauke da “Password” din jama’a, a kowane irin yanayi bayanan suke (mai karatu zai ga bayanai kan nau’ukan hanyoyin taskance “Password” nan kadan) zai kwashe su ne, ko ince ya sace su gaba daya.  Idan ya gudu ya koma masaukinsa hankalinsa ya kwanta ba a kama shi ba, sai nan take ya fara tunanin hanyoyin kwance su don amfana dasu.

Ta wace hanya ‘yan Dandatsa ke sato “Password” din mutane dake a yanayi irin wannan?  Wannan ne ya kaimu ga manhajojin sace “Password” dake yayi a wannan hali da muke ciki.  Akwai manhajojin sace “Password” da aka layance (Encrypted Passwords) masu dimnin yawa.  Kuma kamar yadda na sanar a baya, samun ire-iren wadannan manhajoji ba wahala ga mai bukata, amma amfani dasu na bukatar kwarewa mai karfin gaske.  Wasu ma ba a iya amfani dasu a kan kwamfuta mai dauke da babbar manhajar Windows, sai a kan mai dauke da Linux ko Unix misali.  Wanda kuma ba kowa ke iya mallakarsu ba ma a nan balle iya sarrafa su.  Galibi sai kwararru a harkar kwamfuta, ko wadanda suka iya mu’amala dasu a wasu kasashen Turai gabanin dawowarsu gida Najeriya.

Layance “Password” shi ake kira Password Encryption ko Password Hashing/Salting.  Tsarin kwance “Password” daga halin da yake ciki kuma shi ake kira: Password Cracking.  Fannin ilimin dake bincike kan wadannan abubuwa kuma shi ake kira: Cryptography & Ecryption.  Bayan wannan fanni, akwai wadanda ke kwarewa kan ilimin kariyar bayanai da gano hanyoyin sacewa ko kwance “Password” da manufa ta gari, a matsayin sana’a karbabbiya.  Wannan fanni shi ake kira: Certified Ethical Hacking.  Wanda ya kware a wannan fanni kuma shi ake kira: Certified Ethical Hacker.  Wanda ya kara kwarewa kan wannan fanni kuma shi ne wanda ya karanci fannin: Penetration Testing.  Shi kuma ana kiransa: Certified Penetration Tester (CPT).

Masu koyon wannan ilimi a makarantu da jami’o’i da cibiyoyin binciken ilimin sadarwa na zamani (ciki har da mai Magana) suna amfani ne da galibin wadannan manhajoji dake iya gano inda makwancin “Password” yake a ko ina ne a giza-gizan sadarwa.  Domin daga cikin jarabawa da ake wa dalibai a wannan fanni, akwai wadanda idan suka zo jarabawarsu ta karshe, za a basu sunan jakar wasu bayanai ne (file name) a ce su nemo inda jakar bayanin take a duniyar intanet, karkashin sa’o’i 24!  Abin da ake bukatar su mika a matsayin jarabawarsu, ita ce hakikanin jakar bayanin da aka basu sunanta.  Da zarar sun gano inda take kuma suka aika, sun ci jarabawa kenan.  Wannan aiki ne Ja, inji mutan garin Dan ja a Katsina.  Amma da zarar ka ci shikenan.

Shahararrun manhajojin dake iya layance “Password” suna da yawa.  Goma daga cikinsu ne: “Brutus,” da “RainbowCrack,” da “Wfuzz.”  Sai “Cain and Abel,” da “John the Ripper” (wanda nake kira “Jatau Mahandami”), da “THC Hydra,” sai kuma “Medusa.”  Saura sun hada da: “OphCrack,” da “L0phtCrack,” sai na karshe, wato “AirCrack-NG.”  Wadannan manhajoji kayan aiki ne mai girma da tasirin gaske, amma ga wanda ya iya amfani dasu, ya san karfinsu, ya kuma san wanne yafi dacewa a wane yanayi ko hali.  Wasu ana iya amfani dasu a kan kwamfuta mai dauke da babbar manhajar Windows.  Wasu kuma dole sai ta amfani da mai dauke da babbar manhajar Linux ko Unix.  Wasu kuma suna da nau’uka bibbiyu ne; da na Windows, da kuma na Linux/Unix.  Kamar yadda na fada a farko, gaibinsu kyauta ne.  Wasu kuma na kudi ne. Wasu kuma na kyauta ne amma idan ka bayar da abin goro ba laifi.  Wato tallafi kenan.

Ina Babbar Manhajar Windows ke Adana “Password”?

Ga duk wanda ya saba mu’amala da kwamfuta mai dauke da babbar manhajar Windows, dole ya zama akwai inda yake shigar da “Password” dinsa a duk sadda yazo bude ta.  Hakan ne ke bashi damar isa gareta, tare da yin abin da yake son yi ba tare da matsala ba.  In kuwa haka ne, a ina ne wannan babbar manhajar kwamfuta ke adana wannan “Password” din da ake shigar mata a yayin da mai mu’amala da ita yazo shiga huruminsa?  Shin, ko mai karatu ya taba yi wa kansa ko waninsa wannan tambayar?  In eh, wace amsa ka samu?

Babbar manhajar Windows na adana dukkan “Password” din da aka shigar mata tabbas, amma ba a iya isa ga jakar bayanan dake dauke da wadannan “Password” din idan kwamfutar tana kunne.  Da farko dai, Windows kan adana “Password” din ka shigar mata ne a wani burgamin adana bayanai mai suna: Sam Folder.  A hakan ma, ba za ka iya ganin “Password” din balo-balo ba.  Domin tana adana su ne ta amfani da tsarin NTLM, wato NT LAN Manager.  Wannan ka’ida ta adana “Password”, duk da cewa kwararru a harkar sadarwa da kariyar bayanai sun nuna yana da rauni, amma har yanzu dashi kamfanin Microsoft ke amfani wajen adana “Password” din masu kwamfuta.  Titin da ake bi wajen isa ga wannan burgamin bayanai mai suna Sam ita ce: C:\WINDOWS\System32\Config\Sam

Wannan titi ne mai saukin isa gare shi, amma bayan an kashe kwamfutar.  Idan kwamfutar na kunne ba za ka iya isa gare ta ba.  To, me wannan adireshi yake nufi?  Da farko dai, harafin “C” dake farkon adireshin na ishara ne ga hakikanin ma’adanar kwamfutar dake dauke da babbar manhajar kwamfutar gaba daya, wato: Drive C.  Kalmar “WINDOWS” kuma babbar burgamin dake dauke da dukkan bayanan da suka shafi babbar manhajar Kenan.  Ma’anar “burgami” shi ne: “Folder.”  Kana shiga wannan burgami na WINDOWS sai ka gangara zuwa burgami mai suna: “System32”  haka yake a rubuce.  Kana shiga ciki, sai ka zarce burgami mai suna: “Config,” wanda a cikinsa ne burgamin “Sam” yake.  Idan ka shiga cikin burgamin “Sam” za ka ci karo da hakikanin jakar dake dauke da “Password” dinka, idan kwamfutar taka ce.

Sai dai kamar yadda na fada a baya, ba za ka iya isa ga wannan bayani ba idan a kan kwamfutar kake, domin tana kunne ne kuma baza ta baka dama ba.  To meye abin yi?  Kana iya kashe kwamfutar, sai ka cire babbar ma’adanarta, wato: Hard Disk Drive (HDD), ka samu wata kwamfutar ka jona mata, don ganin dukkan bayanan dake ciki.  Daga nan sai kawai ka zarce wancan jakar bayanai don kwaso jakar dake dauke da “Password” din.  Idan hakan zai maka wahala, akwai wata hanya.   Kana iya samun faifan CD/DVD mai dauke da babbar manhajar Linux (kamar nau’in “Backtrack 5” ko kuma “Kali Linux”), sai ka shigar wa kwamfutar a sadda take kunne, sannan ka kashe ka sake kunna ta (Restart), da zarar ta fahimci samuwar wannan CD/DVD nan take za ta tambayeka ko kana son lodawa ne, sai kace eh, ta hanyar matsa kowane maballin shigar da bayanai dake ka allon shigar da bayanai.  Wannan zai loda babbar manhajar, ta hanyar baka zabi kan yadda kake son amfani da ita a kwamfutar.  Ka zabi cewa za ka yi amfani dashi ne ta hanyar CD/DVD kadai.  Wannan zai baka damar shiga kai tsaye ba tare da an goge maka babbar manhajar kwamfutar Windows dinka ba.  Wannan shi ake kira: Booting From Live CD/DVD. 

Da zarar ka shiga sai ka gangara kan burgamin dake dauke da babbar manhajar Windows kasai ka bi titin da aka ayyana a baya don isa ga burgamin Sam dake dauke da “Password” dinka.  Bayan ka samu “Password” din, dole sai ka yi amfani da daya daga cikin manhajojin dake iya tacewa, tare da kwance “Password” kafin ka ga hakikanin bayanan da “Password” din ya kunsa.

Bayan wancan titi har wa yau, kana iya amfani da wani titin daban, don isa cikin sauki.  Wannan titi mafi sauki ita ce: %winDir%\system32\config\sam.   Sai dai idan kana son amfani da wannan titi, to, dole sai ka je “Start”, a bangaren dama daga kasa za ka ga alamar “Run” sai ka matsa.  Idan ya budo sai ka shigar da adireshin.  Sai dai kamar yadda nace, baza ka iya isa ga mahallin ba sai kwamfutar tana kashe.  Shi yasa da zarar ka shigar da adireshi (in ka hada da kalmar “Sam”) za a ce maka Windows baza ta ba ka damar isa ga mahallin da ka bukata ba.