1
00:00:00,000 --> 00:00:13,000

2
00:00:13,000 --> 00:00:15,890
>> Rob BOWDEN: Mimi nina Rob, na
hebu kupata ngozi.

3
00:00:15,890 --> 00:00:19,390
Hivyo kumbuka kutoka spec pset kwamba
tunakwenda kuwa wanaohitaji kutumia

4
00:00:19,390 --> 00:00:20,890
crypt kazi.

5
00:00:20,890 --> 00:00:26,330
Kwa ukurasa mtu, tuna mbili
hash kufafanua _xopensource.

6
00:00:26,330 --> 00:00:28,290
Msiwe na wasiwasi kuhusu nini
tunahitaji kufanya hivyo.

7
00:00:28,290 --> 00:00:31,550
Na pia ni pamoja na hash unistd.h.

8
00:00:31,550 --> 00:00:35,920
>> Hivyo mara moja kwamba ni nje ya njia, hebu
kupata mpango halisi.

9
00:00:35,920 --> 00:00:39,570
Jambo la kwanza tunahitaji kufanya ni kuhakikisha
mtumiaji aliingia encrypted halali

10
00:00:39,570 --> 00:00:41,520
password katika mstari amri.

11
00:00:41,520 --> 00:00:46,050
Kumbuka kwamba mpango zinatakiwa
ya kuwa na kukimbia kama dot ufa kufyeka, na

12
00:00:46,050 --> 00:00:48,120
kisha encrypted kamba.

13
00:00:48,120 --> 00:00:52,990
>> Hivyo hapa sisi ni kuangalia na kuhakikisha
kwamba argc kwa mbili kama tunataka

14
00:00:52,990 --> 00:00:54,380
kuendelea na mpango.

15
00:00:54,380 --> 00:00:58,830
Kama argc si wawili, kwamba maana ya aidha
mtumiaji hakuingia encrypted

16
00:00:58,830 --> 00:01:02,560
password katika mstari amri, au wao
aliingia zaidi kuliko tu encrypted

17
00:01:02,560 --> 00:01:05,379
password katika mstari amri, ambayo
kesi hatujui nini cha kufanya na

18
00:01:05,379 --> 00:01:07,660
amri line mabishano.

19
00:01:07,660 --> 00:01:11,390
>> Hivyo kama argc mara mbili, tunaweza kuendelea.

20
00:01:11,390 --> 00:01:14,160
Na hapa, tunakwenda kutangaza
encrypted kutofautiana.

21
00:01:14,160 --> 00:01:17,650
Kwamba tu kwenda pak awali
argv1 hivyo kwamba katika hii

22
00:01:17,650 --> 00:01:20,690
mpango, hatuna kuiita argv1,
ambayo kisha una kufikiri

23
00:01:20,690 --> 00:01:22,950
kuhusu nini maana ya kwamba kweli.

24
00:01:22,950 --> 00:01:27,180
>> Hivyo hatimaye, tunataka adhibitishe kwamba
password encrypted mtumiaji

25
00:01:27,180 --> 00:01:30,840
aliingia wangeweza kweli imekuwa
password uliosimbwa.

26
00:01:30,840 --> 00:01:35,120
Kwa kila ukurasa mtu wa crypt,
password encrypted lazima 13

27
00:01:35,120 --> 00:01:36,440
wahusika kwa muda mrefu.

28
00:01:36,440 --> 00:01:41,500
Hadi hapa, taarifa kwamba sisi hash inavyoelezwa
kusimba urefu kama 13.

29
00:01:41,500 --> 00:01:46,140
Hivyo sisi ni tu ya kuhakikisha kuwa
urefu wa kamba encrypted

30
00:01:46,140 --> 00:01:49,090
password ni 13.

31
00:01:49,090 --> 00:01:52,280
>> Na kama siyo, tunataka
exit mpango.

32
00:01:52,280 --> 00:01:56,470
Hivyo mara moja kwamba ni nje ya njia, tunaweza
sasa kweli kujaribu kupata kile

33
00:01:56,470 --> 00:02:00,410
password kwamba alitoa encrypted
password mara.

34
00:02:00,410 --> 00:02:04,870
Hapa, tunataka kunyakua chumvi
kutoka password uliosimbwa.

35
00:02:04,870 --> 00:02:08,930
Kumbuka, kwa kila ukurasa mtu, kwamba
mbili za kwanza ya herufi ya encrypted

36
00:02:08,930 --> 00:02:10,590
kamba, kama hapa -

37
00:02:10,590 --> 00:02:12,770
50ZPJ na kadhalika -

38
00:02:12,770 --> 00:02:16,170
mbili za kwanza wahusika kutoa
sisi chumvi kuwa ilitumika

39
00:02:16,170 --> 00:02:18,080
katika kazi crypt.

40
00:02:18,080 --> 00:02:21,740
>> Na hapa, tunaona kwamba chumvi ilikuwa ha.

41
00:02:21,740 --> 00:02:27,610
Hivyo tunataka nakala mbili za kwanza
wahusika, chumvi urefu kuwa hash

42
00:02:27,610 --> 00:02:30,230
hufafanuliwa kama mbili.

43
00:02:30,230 --> 00:02:35,970
Sisi kuwa na nakala ya kwanza wahusika wawili
ndani ya safu hii, chumvi.

44
00:02:35,970 --> 00:02:39,340
Taarifa kwamba tunahitaji chumvi urefu pamoja
mmoja, tangu bado tunahitaji null

45
00:02:39,340 --> 00:02:42,440
Terminator katika mwisho wa chumvi wetu.

46
00:02:42,440 --> 00:02:46,940
>> Basi sisi ni kwenda kutangaza safu hii,
mgeni, ukubwa wa urefu max pamoja

47
00:02:46,940 --> 00:02:51,930
moja, ambapo max urefu ni hash inavyoelezwa
kama nane, tangu password upeo

48
00:02:51,930 --> 00:02:55,090
ni herufi nane muda mrefu.

49
00:02:55,090 --> 00:02:59,860
Na sisi ni kwenda kutumia hii iterate
juu ya yote masharti inawezekana kwamba inaweza

50
00:02:59,860 --> 00:03:01,430
kuwa halali nywila.

51
00:03:01,430 --> 00:03:07,720
Hivyo kama wahusika halali katika password
walikuwa tu b, na c, kisha

52
00:03:07,720 --> 00:03:14,970
tunataka iterate juu, b, c,
aa, ba, ca, na kadhalika, mpaka

53
00:03:14,970 --> 00:03:16,690
tunapata kuona cccccccc -

54
00:03:16,690 --> 00:03:19,600
nane c ya.

55
00:03:19,600 --> 00:03:23,620
>> Na kama tuna si chini halali
password, basi tunahitaji kusema kwamba

56
00:03:23,620 --> 00:03:26,590
kamba encrypted haikuwa
halali kwa kuanzia.

57
00:03:26,590 --> 00:03:29,970
Hivyo sasa, sisi kufikia hii wakati 1 kitanzi.

58
00:03:29,970 --> 00:03:33,100
Taarifa kwamba maana yake ni
kitanzi usio.

59
00:03:33,100 --> 00:03:36,430
>> Taarifa hakuna taarifa ya mapumziko
ndani ya hii kitanzi usio.

60
00:03:36,430 --> 00:03:38,570
Kuna tu kurudi kauli.

61
00:03:38,570 --> 00:03:41,210
Hivyo sisi kamwe kweli kutarajia
exit kitanzi.

62
00:03:41,210 --> 00:03:44,750
Sisi tu wanatarajia exit mpango.

63
00:03:44,750 --> 00:03:48,220
Nimekuwa aliongeza kauli hii magazeti
juu ya kitanzi hii tu magazeti nje

64
00:03:48,220 --> 00:03:51,790
kile wetu wa sasa nadhani katika
password ni nini.

65
00:03:51,790 --> 00:03:53,630
>> Sasa, ni nini kitanzi hii kufanya?

66
00:03:53,630 --> 00:03:58,330
Ni looping juu ya masharti yote inawezekana
ambayo inaweza kuwa halali nywila.

67
00:03:58,330 --> 00:04:02,700
Jambo la kwanza tunakwenda kufanya ni
kuchukua nadhani wetu wa sasa kwa nini

68
00:04:02,700 --> 00:04:03,920
password ni.

69
00:04:03,920 --> 00:04:07,230
Tutaweza kuchukua chumvi kwamba sisi grabbed kutoka
kamba encrypted, na sisi ni

70
00:04:07,230 --> 00:04:09,850
kwenda kusimba nadhani.

71
00:04:09,850 --> 00:04:14,760
Hii itatupa nadhani encrypted,
ambayo tunakwenda kulinganisha dhidi

72
00:04:14,760 --> 00:04:18,810
kamba encrypted kwamba mtumiaji
aliingia katika mstari amri.

73
00:04:18,810 --> 00:04:23,030
>> Kama wao ni sawa, katika kesi ambayo
kamba kulinganishwa atarudi sifuri, kama

74
00:04:23,030 --> 00:04:28,050
wao ni sawa, basi nadhani ilikuwa
password kwamba yanayotokana encrypted

75
00:04:28,050 --> 00:04:33,520
kamba, katika kesi ambayo tunaweza magazeti
kwamba kama password yetu na kurudi.

76
00:04:33,520 --> 00:04:37,520
Lakini kama walikuwa si sawa, kwamba
maana nadhani wetu alikuwa sahihi.

77
00:04:37,520 --> 00:04:43,250
>> Na tunataka iterate kwa
ijayo halali nadhani.

78
00:04:43,250 --> 00:04:46,410
Hivyo kwamba ni nini hii wakati
kitanzi ni kujaribu kufanya.

79
00:04:46,410 --> 00:04:51,760
Ni kwenda iterate nadhani wetu
na nadhani ijayo halali.

80
00:04:51,760 --> 00:04:56,080
Taarifa kwamba wakati sisi kusema kwamba
Hasa tabia katika dhana yetu ina

81
00:04:56,080 --> 00:05:01,770
kufikiwa ishara max, ambayo hadi hapa
ni hash hufafanuliwa kama tilde, tangu

82
00:05:01,770 --> 00:05:05,710
hiyo ni kubwa ASCII thamani tabia
kwamba mtumiaji anaweza kuingia katika

83
00:05:05,710 --> 00:05:11,210
keyboard, wakati tabia fika
max ishara, basi tunataka kutuma

84
00:05:11,210 --> 00:05:17,150
ni nyuma na ishara chini, ambayo
ni nafasi, tena ASCII chini kabisa

85
00:05:17,150 --> 00:05:20,800
thamani ishara kwamba mtumiaji unaweza
kuingia katika keyboard.

86
00:05:20,800 --> 00:05:22,940
>> Hivyo sisi ni kwenda kuweka kwamba
kwa ishara ya kiwango cha chini.

87
00:05:22,940 --> 00:05:25,720
Na kisha sisi ni kwenda
juu ya tabia ya pili.

88
00:05:25,720 --> 00:05:28,730
Hivyo jinsi ni kubahatisha wetu
kwenda iterate?

89
00:05:28,730 --> 00:05:33,685
Naam, kama wahusika ni halali b,,
na c, kisha kama sisi ilianza na,

90
00:05:33,685 --> 00:05:36,630
hivyo itabidi iterate na b, ni itabidi
iterate c.

91
00:05:36,630 --> 00:05:44,360
c ni alama yetu max, hivyo tutaweza kuweka
c nyuma, alama kiwango cha chini.

92
00:05:44,360 --> 00:05:48,100
Na kisha tutaweza iterate index
na tabia ya pili.

93
00:05:48,100 --> 00:05:53,920
>> Hivyo kama dhana ya awali ilikuwa c, ijayo
tabia ni kwenda kuwa null

94
00:05:53,920 --> 00:05:55,560
Terminator.

95
00:05:55,560 --> 00:06:00,670
Hapa chini, taarifa kwamba kama tabia
kwamba sisi sasa wanataka

96
00:06:00,670 --> 00:06:04,690
nyongeza alikuwa Terminator null,
kisha tunakwenda kuweka kwa

97
00:06:04,690 --> 00:06:06,260
kima cha chini cha mfano.

98
00:06:06,260 --> 00:06:11,431
Hivyo kama nadhani alikuwa c, basi wetu
Dhana mpya ni kwenda kuwa aa.

99
00:06:11,431 --> 00:06:16,050
Na kama nadhani wetu awali ilikuwa
CCCC, basi nadhani wetu mpya

100
00:06:16,050 --> 00:06:18,380
ni kwenda kuwa aaaaa.

101
00:06:18,380 --> 00:06:24,430
>> Hivyo wakati sisi kufikia kamba upeo
ya urefu fulani, basi sisi ni

102
00:06:24,430 --> 00:06:29,090
kwenda kutekeleza kwa kamba kima cha chini cha
urefu wa pili, ambayo itakuwa

103
00:06:29,090 --> 00:06:34,420
tu kuwa wahusika wote wa
alama ya kiwango cha chini.

104
00:06:34,420 --> 00:06:36,970
Sasa, ni nini hundi hii kufanya hapa?

105
00:06:36,970 --> 00:06:42,780
Naam, kama index wakiongozwa kutoka nane
tabia na tabia ya tisa -

106
00:06:42,780 --> 00:06:46,460
hivyo kuongeza nane c kama
uliopita wetu nadhani -

107
00:06:46,460 --> 00:06:51,270
kisha index ni kwenda kuzingatia
mwisho null Terminator ya nadhani wetu

108
00:06:51,270 --> 00:06:57,990
safu, ambayo si maana ya kweli
kutumika katika password yetu.

109
00:06:57,990 --> 00:07:03,530
>> Hivyo kama sisi ni kulenga null kwamba mwisho
Terminator, basi hatuna kupatikana

110
00:07:03,530 --> 00:07:07,750
password kwamba ni halali kwa kutumia tu nane
wahusika, ambayo ina maana hakuna

111
00:07:07,750 --> 00:07:10,550
halali password kwamba encrypts
kwa kamba aliyopewa.

112
00:07:10,550 --> 00:07:13,520
Na sisi kuwa na magazeti kwamba, akisema
sisi hakuweza kupata halali

113
00:07:13,520 --> 00:07:16,100
password, na kurudi.

114
00:07:16,100 --> 00:07:20,280
Hivyo hii kitanzi wakati anaenda iterate
juu ya yote masharti iwezekanavyo.

115
00:07:20,280 --> 00:07:24,640
>> Kama anaona yoyote encrypts kwamba
inatarajiwa encrypted kamba, hivyo itabidi

116
00:07:24,640 --> 00:07:26,190
kurudi kwamba password.

117
00:07:26,190 --> 00:07:29,610
Na haina kupata chochote, basi
atarudi, uchapishaji kwamba

118
00:07:29,610 --> 00:07:31,910
hakuwa na uwezo wa kupata chochote.

119
00:07:31,910 --> 00:07:39,220
Sasa, taarifa kwamba iterating juu ya wote
masharti inawezekana pengine ni kwenda

120
00:07:39,220 --> 00:07:40,420
kuchukua muda.

121
00:07:40,420 --> 00:07:43,590
Hebu kweli kuona jinsi
muda mrefu kwamba inachukua.

122
00:07:43,590 --> 00:07:47,230
>> Hebu kufanya ufa.

123
00:07:47,230 --> 00:07:51,050
Naam, oops - inasema kisichojulikana
rejea kwa crypt.

124
00:07:51,050 --> 00:07:55,330
Basi kumbuka, kwa p seti spec na
pia ukurasa mtu kwa ajili ya crypt kwamba sisi

125
00:07:55,330 --> 00:07:58,130
haja ya kuhusisha katika crypt.

126
00:07:58,130 --> 00:08:01,130
Sasa, default kufanya amri
hajui kwamba wewe

127
00:08:01,130 --> 00:08:03,010
wanataka kutumia kwamba kazi.

128
00:08:03,010 --> 00:08:09,680
>> Basi hebu nakala hii amri ya mteja
na tu kuongeza juu ya mwisho

129
00:08:09,680 --> 00:08:13,300
yake, kuunganisha crypt.

130
00:08:13,300 --> 00:08:14,820
Sasa, inaandaa.

131
00:08:14,820 --> 00:08:23,880
Basi hebu kukimbia ufa juu ya kupewa
encrypted kamba -

132
00:08:23,880 --> 00:08:25,130
hivyo Kaisari.

133
00:08:25,130 --> 00:08:28,690

134
00:08:28,690 --> 00:08:30,790
Hivyo kwamba alikuwa pretty kufunga.

135
00:08:30,790 --> 00:08:33,230
>> Taarifa kwamba hii kumalizika tarehe 13.

136
00:08:33,230 --> 00:08:38,240
Naam, Kaisari encrypted password
hutokea kwa kuwa 13.

137
00:08:38,240 --> 00:08:41,650
Basi hebu jaribu mwingine password.

138
00:08:41,650 --> 00:08:45,830
Hebu kuchukua Hirschhorn ya encrypted
password na kujaribu ngozi hiyo.

139
00:08:45,830 --> 00:08:51,750

140
00:08:51,750 --> 00:08:55,110
>> Hivyo taarifa tumekuwa tayari kufikiwa
tatu wahusika.

141
00:08:55,110 --> 00:08:58,660
Na sisi ni iterating juu ya wote inawezekana
tatu-tabia masharti.

142
00:08:58,660 --> 00:09:01,420
Hiyo ina maana tumekuwa tayari kumaliza
iterating juu ya kila moja iwezekanavyo na

143
00:09:01,420 --> 00:09:04,660
mbili tabia masharti.

144
00:09:04,660 --> 00:09:09,180
Sasa, inaonekana kama hii ni ya kwenda
kuchukua muda kabla sisi kufikia

145
00:09:09,180 --> 00:09:10,580
minne tabia masharti.

146
00:09:10,580 --> 00:09:14,680
Inaweza kuchukua dakika kadhaa.

147
00:09:14,680 --> 00:09:16,055
>> Haikuchukua dakika kadhaa.

148
00:09:16,055 --> 00:09:18,450
Sisi ni juu ya masharti ya nne-tabia.

149
00:09:18,450 --> 00:09:22,800
Lakini sasa, tunahitaji iterate juu ya kila
inawezekana minne tabia masharti, ambayo

150
00:09:22,800 --> 00:09:26,000
ambayo inaweza kuchukua labda dakika 10.

151
00:09:26,000 --> 00:09:28,720
Na kisha wakati sisi kufikia tano tabia
masharti, tunahitaji iterate juu ya kila

152
00:09:28,720 --> 00:09:31,450
ya wale, ambao huenda
kuchukua masaa kadhaa.

153
00:09:31,450 --> 00:09:34,080
Na tunahitaji iterate juu ya wote inawezekana
sita-tabia masharti, ambayo

154
00:09:34,080 --> 00:09:36,560
inaweza kuchukua siku kadhaa na kadhalika.

155
00:09:36,560 --> 00:09:41,380
>> Hivyo inaweza kuchukua muda mrefu sana uwezekano
wakati iterate juu ya wote inawezekana

156
00:09:41,380 --> 00:09:44,850
nane tabia na masharti machache zaidi.

157
00:09:44,850 --> 00:09:50,600
Hivyo taarifa kwamba hii si lazima
ufanisi sana algorithm kwa ajili ya kutafuta

158
00:09:50,600 --> 00:09:51,860
password.

159
00:09:51,860 --> 00:09:54,540
Unaweza kufikiri kwamba kuna
ni njia bora zaidi.

160
00:09:54,540 --> 00:10:02,230
Kwa mfano, zyx password 32ab!
pengine si password ya kawaida sana,

161
00:10:02,230 --> 00:10:06,440
ambapo password ni 12345
pengine mengi zaidi ya kawaida.

162
00:10:06,440 --> 00:10:13,570
>> Hivyo njia moja ya kujaribu kupata password
haraka zaidi ni kuangalia tu

163
00:10:13,570 --> 00:10:15,560
saa nywila ambayo ni zaidi ya kawaida.

164
00:10:15,560 --> 00:10:20,480
Hivyo kwa mfano, tunaweza kujaribu kusoma maneno
kutoka kamusi na kujaribu yote ya

165
00:10:20,480 --> 00:10:24,860
maneno hayo kama guesses yetu password.

166
00:10:24,860 --> 00:10:29,210
Sasa, labda password
si rahisi.

167
00:10:29,210 --> 00:10:32,600
Labda mtumiaji ilikuwa kiasi fulani wajanja
na kujaribu appending idadi ya

168
00:10:32,600 --> 00:10:34,220
mwisho wa neno.

169
00:10:34,220 --> 00:10:37,000
>> Hivyo labda password yao ilikuwa password1.

170
00:10:37,000 --> 00:10:41,520
Hivyo unaweza kujaribu iterating juu ya maneno yote
katika kamusi na moja

171
00:10:41,520 --> 00:10:43,210
umeongezewa na mwisho wake.

172
00:10:43,210 --> 00:10:47,360
Na kisha labda baada ya kufanya hivyo, utakuwa
append mbili kwa mwisho wake.

173
00:10:47,360 --> 00:10:50,240
>> Au labda user ni kujaribu kuwa hata
wajanja zaidi, na wanataka yao

174
00:10:50,240 --> 00:10:54,980
password kuwa "hacker," lakini wao ni
kwenda kuchukua nafasi ya matukio yote ya e

175
00:10:54,980 --> 00:10:56,600
na watatu watatu.

176
00:10:56,600 --> 00:10:58,440
Hivyo unaweza kufanya hivyo pia.

177
00:10:58,440 --> 00:11:02,100
Iterate juu ya maneno yote katika kamusi
lakini badala ya wahusika kuwa

178
00:11:02,100 --> 00:11:04,790
kuangalia kama idadi na namba hizo.

179
00:11:04,790 --> 00:11:09,670
>> Hivyo njia hii, unaweza kupata hata zaidi
nywila kwamba ni pretty kawaida.

180
00:11:09,670 --> 00:11:14,690
Lakini mwisho, njia pekee unaweza
kukamata nywila wote ni brute

181
00:11:14,690 --> 00:11:17,340
nguvu iterate juu ya wote
iwezekanavyo masharti.

182
00:11:17,340 --> 00:11:22,100
Hivyo katika mwisho, huna haja ya iterate
juu ya yote masharti kutoka tabia moja kwa

183
00:11:22,100 --> 00:11:28,110
nane wahusika, ambayo inaweza kuchukua
muda mrefu sana, lakini unahitaji kufanya hivyo.

184
00:11:28,110 --> 00:11:30,024
>> Jina langu ni Rob Bowden.

185
00:11:30,024 --> 00:11:31,425
Na hii ni ufa.

186
00:11:31,425 --> 00:11:36,533