A makon jiya mai karatu ya samu bayanai kan ragowar hanyoyin da ‘yan Dandatsa ke bi wajen sace “Password” din mutane, tare da nuna cewa daga cikin hanyoyin da suke amfani da su akwai amfani da manhajojin kwamfuta masu iya kwance “Password” duk yadda aka layance shi. A yau za mu dubi wasu daga cikin wadannan manhajojin kwamfuta da ake iya sace “Password” da su, tare da kwance su bayan an sace. Sannan mu yi nazari kan wuraren da kwamfutocin da muke amfani da su a hannunmu ko a office – wato kwamfutoci gama-gari nake nufi – don sanin ina ne suke adana “Password” din da muke shigarwa don ba mu damar shiga kwamfutar a duk lokacin da muka shigar. In Allah Ya so kuma za mu dubi yadda idan ka mance “Password” din kwamfutarka, ta yaya za ka iya canza wani “Password” din ta hanya mai sauki? Idan da lokaci a mako mai zuwa za mu yi nazari har wa yau kan yadda gidajen yanar sadarwar da muke mu’amala da su suke adana “Password” din mu a rumbun adana bayanansu (Database).
Tsarin Kwance “Password”
Tsarin “layance “Password”” hanya ce da ake amfani da ita a wannan zami namu don baiwa bayanan mutane da ke makare a kwamfutocin gidajen yanar sadarwa musamman, kariya daga kaiwa gare su ta hanyar da ba ta dace ba, kuma ba tare da izini ba. Idan mai karatu bai manta ba har wa yau, a sadda nake bayar da ma’anar kamar “Password” na nuna cewa kalma ce da ake amfani da ita don tantance mai kokarin kai wa ga wasu bayanai da ke wani wuri tsararre. A duk sadda dan Dandatsa (Hacker) ya samu isa ga wani rumbun adana bayanai mai dauke da “Password” din jama’a, a kowane irin yanayi bayanan suke (mai karatu zai ga bayanai kan nau’ukan hanyoyin taskance “Password” nan kadan) zai kwashe su ne, ko in ce ya sace su gaba daya. Idan ya gudu ya koma masaukinsa hankalinsa ya kwanta ba a kama shi ba, sai nan take ya fara tunanin hanyoyin kwance su don amfana da su.
Ta wace hanya ‘yan Dandatsa ke sato “Password” din mutane da ke a yanayi irin wannan? Wannan ne ya kai mu ga manhajojin sace “Password” dake yayi a wannan hali da muke ciki. Akwai manhajojin sace “Password” da aka layance (Encrypted Passwords) masu dimbin yawa. Kuma kamar yadda na sanar a baya, samun ire-iren wadannan manhajoji ba wahala ga mai bukata, amma amfani da su na bukatar kwarewa mai karfin gaske. Wasu ma ba a iya amfani da su a kan kwamfuta mai dauke da babbar manhajar Windows, sai a kan mai dauke da Linud ko Unid misali. Wanda kuma ba kowa ke iya mallakarsu ba ma a nan balle iya sarrafa su. Galibi sai kwararru a harkar kwamfuta, ko wadanda suka iya mu’amala da su a wasu kasashen Turai gabanin dawowarsu gida Najeriya.
Layance “Password” shi ake kira Password Encryption ko Password Hashing/Salting. Tsarin kwance “Password” daga halin da yake ciki kuma shi ake kira: Password Cracking. Fannin ilimin dake bincike kan wadannan abubuwa kuma shi ake kira: Cryptography & Ecryption. Bayan wannan fanni, akwai wadanda ke kwarewa kan ilimin kariyar bayanai da gano hanyoyin sacewa ko kwance “Password” da manufa ta gari, a matsayin sana’a karbabbiya. Wannan fanni shi ake kira: Certified Ethical Hacking. Wanda ya kware a wannan fanni kuma shi ake kira: Certified Ethical Hacker. Wanda ya kara kwarewa kan wannan fanni kuma shi ne wanda ya karanci fannin: Penetration Testing. Shi kuma ana kiransa: Certified Penetration Tester (CPT).
Masu koyon wannan ilimi a makarantu da jami’o’i da cibiyoyin binciken ilimin sadarwa na zamani (ciki har da mai Magana) suna amfani ne da galibin wadannan manhajoji dake iya gano inda makwancin “Password” yake a ko ina ne a giza-gizan sadarwa. Domin daga cikin jarabawa da ake wa dalibai a wannan fanni, akwai wadanda idan suka zo jarabawarsu ta karshe, za a basu sunan jakar wasu bayanai ne (file name) a ce su nemo inda jakar bayanin take a duniyar intanet, karkashin sa’o’i 24! Abin da ake bukatar su mika a matsayin jarabawarsu, ita ce hakikanin jakar bayanin da aka basu sunanta. Da zarar sun gano inda take kuma suka aika, sun ci jarabawa kenan. Wannan aiki ne Ja, inji mutan garin dan ja a Katsina. Amma da zarar ka ci shikenan.
Shahararrun manhajojin dake iya layance “Password” suna da yawa. Goma daga cikinsu ne: “Brutus,” da “RainbowCrack,” da “Wfuzz.” Sai “Cain and Abel,” da “John the Ripper” (wanda nake kira “Jatau Mahandami”), da “THC Hydra,” sai kuma “Medusa.” Saura sun hada da: “OphCrack,” da “L0phtCrack,” sai na karshe, wato “AirCrack-NG.” Wadannan manhajoji kayan aiki ne mai girma da tasirin gaske, amma ga wanda ya iya amfani dasu, ya san karfinsu, ya kuma san wanne yafi dacewa a wane yanayi ko hali. Wasu ana iya amfani dasu a kan kwamfuta mai dauke da babbar manhajar Windows. Wasu kuma dole sai ta amfani da mai dauke da babbar manhajar Linud ko Unid. Wasu kuma suna da nau’uka bibbiyu ne; da na Windows, da kuma na Linud/Unid. Kamar yadda na fada a farko, gaibinsu kyauta ne. Wasu kuma na kudi ne. Wasu kuma na kyauta ne amma idan ka bayar da abin goro ba laifi. Wato tallafi kenan.
Ina Babbar Manhajar Windows ke Adana “Password”?
Ga duk wanda ya saba mu’amala da kwamfuta mai dauke da babbar manhajar Windows, dole ya zama akwai inda yake shigar da “Password” dinsa a duk sadda ya zo budewa. Hakan ne ke ba shi damar isa gareta, tare da yin abin da yake son yi ba tare da matsala ba. In kuwa haka ne, a ina ne wannan babbar manhajar kwamfuta ke adana wannan “Password” din da ake shigar mata a yayin da mai mu’amala da ita ya zo shiga huruminsa? Shin, ko mai karatu ya taba yi wa kansa ko waninsa wannan tambayar? In eh, wace amsa ka samu?
Babbar manhajar Windows na adana dukkan “Password” din da aka shigar mata tabbas, amma ba a iya isa ga jakar bayanan da ke dauke da wadannan “Password” din idan kwamfutar tana kunne. Da farko dai, Windows kan adana “Password” din ka shigar mata ne a wani burgamin adana bayanai mai suna: Sam Folder. A hakan ma, ba za ka iya ganin “Password” din balo-balo ba. Domin tana adana su ne ta amfani da tsarin NTLM, wato NT LAN Manager. Wannan ka’ida ta adana “Password”, duk da cewa kwararru a harkar sadarwa da kariyar bayanai sun nuna yana da rauni, amma har yanzu da shi kamfanin Microsoft ke amfani wajen adana “Password” din masu kwamfuta. Titin da ake bi wajen isa ga wannan burgamin bayanai mai suna Sam shi ne: C:\WINDOWSystem32\Configam
Wannan titi ne mai saukin isa gare shi, amma bayan an kashe kwamfutar. Idan kwamfutar na kunne ba za ka iya isa gare ta ba. To, me wannan adireshi yake nufi? Da farko dai, harafin “C” da ke farkon adireshin na ishara ne ga hakikanin ma’adanar kwamfutar da ke dauke da babbar manhajar kwamfutar gaba daya, wato: Dribe C. Kalmar “WINDOWS” kuma babbar burgamin da ke dauke da dukkan bayanan da suka shafi babbar manhajar Kenan. Ma’anar “burgami” shi ne: “Folder.” Kana shiga wannan burgami na WINDOWS sai ka gangara zuwa burgami mai suna: “System32” haka yake a rubuce. Kana shiga ciki, sai ka zarce burgami mai suna: “Config,” wanda a cikinsa ne burgamin “Sam” yake. Idan ka shiga cikin burgamin “Sam” za ka ci karo da hakikanin jakar da ke dauke da “Password” dinka, idan kwamfutar taka ce.
Sai dai kamar yadda na fada a baya, ba za ka iya isa ga wannan bayani ba idan a kan kwamfutar kake, domin tana kunne ne kuma ba za ta ba ka dama ba. To meye abin yi? Kana iya kashe kwamfutar, sai ka cire babbar ma’adanarta, wato: Hard Disk Dribe (HDD), ka samu wata kwamfutar ka jona mata, don ganin dukkan bayanan da ke ciki. Daga nan sai kawai ka zarce wancan jakar bayanai don kwaso jakar dake dauke da “Password” din. Idan hakan zai maka wahala, akwai wata hanya. Kana iya samun faifan CD/DbD mai dauke da babbar manhajar Linud (kamar nau’in “Backtrack 5” ko kuma “Kali Linud”), sai ka shigar wa kwamfutar a sadda take kunne, sannan ka kashe ka sake kunna ta (Restart), da zarar ta fahimci samuwar wannan CD/DbD nan take za ta tambayeka ko kana son lodawa ne, sai kace eh, ta hanyar matsa kowane maballin shigar da bayanai dake ka allon shigar da bayanai. Wannan zai loda babbar manhajar, ta hanyar baka zabi kan yadda kake son amfani da ita a kwamfutar. Ka zabi cewa za ka yi amfani dashi ne ta hanyar CD/DbD kadai. Wannan zai baka damar shiga kai tsaye ba tare da an goge maka babbar manhajar kwamfutar Windows dinka ba. Wannan shi ake kira: Booting From Libe CD/DbD.
Da zarar ka shiga sai ka gangara kan burgamin da ke dauke da babbar manhajar Windows kasai ka bi titin da aka ayyana a baya don isa ga burgamin Sam dake dauke da “Password” dinka. Bayan ka samu “Password” din, dole sai ka yi amfani da daya daga cikin manhajojin da ke iya tacewa, tare da kwance “Password” kafin ka ga hakikanin bayanan da “Password” din ya kunsa.
Bayan wancan titi har wa yau, kana iya amfani da wani titin daban, don isa cikin sauki. Wannan titi mafi sauki shi ne: %winDir%\system32onfig\sam. Sai dai idan kana son amfani da wannan titi, to, dole sai ka je “Start”, a bangaren dama daga kasa za ka ga alamar “Run” sai ka matsa. Idan ya budo sai ka shigar da adireshin. Sai dai kamar yadda nace, ba za ka iya isa ga mahallin ba sai kwamfutar tana kashe. Shi ya sa da zarar ka shigar da adireshi (in ka hada da kalmar “Sam”) za a ce maka Windows ba zai ba ka damar isa ga mahallin da ka bukata ba.
