CN110635914B - Weak password detection method - Google Patents

Weak password detection method

Info

Publication number
CN110635914B
Authority
CN
China
Prior art keywords
password
weak password
characters
weak
detection
Prior art date
Legal status
Active
Application number
CN201910901157.4A
Other languages
Chinese (zh)
Other versions
CN110635914A (en
Inventor
李春强
丘国伟
于磊
Current Assignee
Beijing Jingwei Xinan Technology Co ltd
Nanjing Jingwei Xin'an Technology Co ltd
Original Assignee
Beijing Jingwei Xinan Technology Co ltd
Nanjing Jingwei Xin'an Technology Co ltd
Events
Application filed by Beijing Jingwei Xinan Technology Co ltd and Nanjing Jingwei Xin'an Technology Co ltd
Priority claimed to CN201910901157.4A
Publication of CN110635914A
Application granted
Publication of CN110635914B
Legal status: Active
Anticipated expiration

Classifications

    • H04L63/083 Network architectures or network communication protocols for network security, for authentication of entities using passwords (under H04L63/00, H04L63/08)
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; network security protocols, including means for verifying the identity or authority of a user of the system or for message authentication, using a predetermined code, e.g. password, passphrase or PIN (under H04L9/00, H04L9/32)
    • H04L2209/26 Testing a cryptographic entity, e.g. testing the integrity of an encryption key or encryption algorithm (under H04L2209/00, additional information relating to H04L9/00)

Abstract

The application relates to a weak password detection method and a weak password detection system. A weak password dictionary is generated from two sources: a password dictionary base and social-engineering passwords built from information leaked on the Internet. A specified detection range is selected; the dictionary entries are tried as logins to judge whether a device service has a weak password; and the weak passwords found are analysed and a detection report is sent to the administrator. To generate the social-engineering passwords, an attribute subset is formed from each user attribute; a rule written in the social-engineering password description language is separated at its connectors into descriptor rules; a corresponding password subset is generated from each descriptor rule; and the password subsets are finally combined into a password dictionary. The detection system comprises a weak password dictionary table, a detection task module, a task execution module, and a weak password storage and analysis module. The method addresses the shortcomings of existing weak password dictionaries, so that weak passwords can be detected effectively in different service scenarios, and improves working efficiency.

Description

Weak password detection method
Technical Field
The invention belongs to the technical field of computer security, and particularly relates to a weak password detection method.
Background
A weak password is generally one that is easily guessed by others or broken by a cracking tool: a password made only of simple digits and letters, such as "123" or "abc". Because such passwords are easily broken, they expose the user's computer to risk, and their use is not recommended.
In existing weak password cracking methods, in order to compare a device's password with a weak password dictionary, the ciphertext (hashed) password obtained from the device must first be cracked by brute force. Brute-force cracking is an exhaustive method that computes candidate passwords one by one according to certain rules and algorithms until the real password is found. On the one hand, existing weak password dictionaries are incomplete, so weak passwords are easily missed during detection; on the other hand, existing weak password detection methods crack weak passwords inefficiently and find too few of them, which hurts working efficiency.
Disclosure of Invention
To overcome, at least to some extent, the problems in the related art, the applicants provide a weak password detection method and a detection system. Their weak password dictionary addresses the shortcomings of existing weak password dictionaries, adapts to different service scenarios, and detects weak passwords effectively, thereby improving working efficiency.
To achieve the above object, one aspect of the present invention provides a weak password detection method comprising the following steps:
generating a weak password dictionary from two sources, a password dictionary base and social-engineering passwords built from information leaked on the Internet;
selecting a designated detection range with a detection task module;
trying the entries of the weak password dictionary as logins to judge whether the device service has a weak password;
and storing the weak-password services detected by the task execution module, analysing the weak passwords and sending a detection report to an administrator.
Further, the social-engineering passwords are generated according to the following rules:
acquiring user attributes;
forming an attribute subset from each user attribute;
inputting a rule in the social-engineering password description language;
separating the rule at its connectors into descriptor rules S_i;
generating a corresponding password subset E_i from each descriptor rule S_i;
and combining the password subsets into a password dictionary D = {E_1, E_2, ..., E_n}.
Further, each character in the social-engineering password rule is defined as follows. A rule consists of four kinds of password-body character and five kinds of rule character that qualify the password-body characters, where
the password-body characters are fixed characters, selection characters, user-attribute characters and numeric characters:
a fixed character means that a specified character appears at a specified position;
a selection character means that one character out of a character set appears at a specified position, the candidate elements being written inside ( );
a user-attribute character is a character taken from a user attribute; the user attributes include the user name, unit (organisation) information, telephone information, birthday information, place of birth, identity-card information and the like;
a numeric character ranges from a minimum to a maximum value and is written [min:max]; when it is used directly as part of a password, values with fewer digits than the maximum are left-padded with 0 to the digit length of the maximum.
The rule characters are the repetition character, the fragment-selection character, the alternative-selection character, the connection character and the escape character:
repetition character: an operator that repeats the preceding password-body character;
fragment-selection character: written with #, as #[m:n], meaning that a contiguous substring of m to n characters may be taken as part of the password;
alternative-selection character: written with |, meaning that one of several rules is chosen;
connection character: written with &, joining the individual characters of the rule;
escape character: when any of the characters | % [ ] ( ) { } \ & ^ appears in a password, it must be escaped with \.
Furthermore, the rule is divided at the connectors of the social-engineering password description language into n descriptor rules {S_1, S_2, ..., S_n}; each sub-rule S_i corresponds to a fixed character, a selection character, a user-attribute character or a numeric character.
Further, the process by which a descriptor rule generates a password subset is as follows:
first, a descriptor rule S_i is obtained and its rule-character type is judged, where
if the type of the obtained descriptor rule is a numeric character, a subset E_i is formed from the min to max values in its definition;
if the type of the obtained descriptor rule is a fixed character, the fixed character is a string fixed by the user, and that string forms a set E_i with only one element;
if the type of the obtained descriptor rule is a selection character, each item in the list of selectable characters forms its own element, giving the password subset E_i;
if the type of the obtained descriptor rule is a user-attribute character, the corresponding attribute entered by the user is obtained to form the set E_i.
Further, if the type of the obtained descriptor rule is a user-attribute character, the method also judges whether a fragment-selection character is present;
if so, fragment selection is applied to each element of the set, cutting partial strings out item by item to form a new set, which becomes the password subset E_i; if not, the set is formed directly.
The method also requires a repetition-character check when a descriptor rule generates a password subset, specifically:
for each E_i, judge whether a repetition symbol is present; if not, add the password subset as formed to the password-subset list; if so, repeat each element to form a new subset E_i and then add it to the password-subset list.
Further, before trying the weak password dictionary as logins to judge whether a device service has a weak password, the method further comprises the following steps:
judging which devices in the detection range have the relevant service open; if the port is not the default port, it is specified in the detection task module; and listing the IPs within the detection range that need to be detected.
Further, the user names and passwords in the weak password dictionary are permuted and combined, and either a local client program is called or code written directly against the network protocol sends the combinations in turn to the specified service. Whether a combination logs in normally decides whether the device service has a weak password: if so, the weak password is saved in the weak password storage module; if not, detection proceeds to the next combination.
Furthermore, in the detection method the IP detection list and the weak password dictionary are divided into fragments, and each fragment is given its own thread;
if the detection is a periodic task, the weak passwords found in the previous run are tried first, to judge whether the password has since been changed.
Another aspect of the present invention provides a weak password detection system that performs weak password detection by connecting locally to a remote service. The weak password detection system includes:
a weak password dictionary table, whose composition differs by service; the user-name and password dictionaries are stored separately in a user-name table and a password table, and a weak password generator produces the actual weak password dictionary in the detection system by permuting and combining the user names and passwords; each service corresponds to its own weak password dictionary table; the dictionary has two kinds of source, a dictionary of weak passwords exposed on the Internet and a social-engineering weak password dictionary;
a detection task module for selecting a specified detection range;
a task execution module for trying the weak password dictionary as logins to judge whether the device service has a weak password;
and a weak password storage and analysis module for storing the weak-password services detected by the task execution module, analysing the weak passwords and sending a detection report to an administrator.
Further, the detection system, on the one hand, keeps the dictionary of Internet-exposed weak passwords up to date in real time with the weak passwords exposed on the Internet;
on the other hand, because the weak password a user chooses is related to the service in use, the social-engineering weak password dictionary generates a password dictionary from the user attributes, that is, one or more of the user name, unit information, telephone information, birthday information, place of birth and identity-card information.
Further, the designated range selected in the detection task module includes at least one of an IP detection list, the services to detect, the execution time and the task execution period.
Further, the task execution module further includes a determining module, which determines which devices in the detection range have the relevant service open; if the port is not the default port, it must be specified in the detection task module; the module lists the IPs within the detection range that need to be detected.
Further, the user names and passwords in the weak password dictionary are permuted and combined, and either a local client program is called or code written directly against the network protocol sends the combinations in turn to the specified service. Whether a combination logs in normally decides whether the device service has a weak password: if so, the weak password is saved in the weak password storage module; if not, detection proceeds to the next combination.
The technical scheme provided by the embodiments of the application can have the following beneficial effects. The weak password dictionary sources are divided into two kinds, a dictionary of weak passwords exposed on the Internet and a social-engineering weak password dictionary; compared with how social-engineering weak password dictionaries are produced in the prior art, this is a core technical point of the invention. The user-name and password dictionaries are stored separately in a user-name table and a password table, and the weak password generator produces the actual weak password dictionary in the detection system by permuting and combining the two tables, with one weak password dictionary table per service. The user names and passwords in the weak password dictionary are permuted and combined, and a local client program or code written directly against the network protocol sends the combinations in turn to the specified service; whether a combination logs in normally decides whether the device service has a weak password. This addresses the shortcomings of existing weak password dictionaries, detects weak passwords effectively in different service scenarios, and improves working efficiency.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
FIG. 1 is a flow chart of the weak password detection method of the present invention;
FIG. 2 is a flowchart of the social worker weak password generation rule of the present invention;
FIG. 3 is a flow diagram of the present invention for generating a codon set according to a descriptor rule;
FIG. 4 is a schematic diagram of the weak password detection system of the present invention.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
As shown in fig. 1, in one aspect this embodiment provides a weak password detection method comprising the following steps:
generating a weak password dictionary from two sources, a password dictionary base and social-engineering passwords built from information leaked on the Internet;
selecting a specified detection range with a detection task module;
trying the entries of the weak password dictionary as logins to judge whether the device service has a weak password;
and storing the weak-password services detected by the task execution module, analysing the weak passwords and sending a detection report to an administrator.
As shown in fig. 2, the social-engineering password generation rule of the present invention is as follows:
acquiring user attributes, including but not limited to the user name, telephone information, birthday information, place of birth and unit information, where each attribute must have a corresponding name and attribute identifier;
forming an attribute subset from each user attribute, which makes the later generation of the password dictionary base convenient; the forming rule produces the all-lowercase, all-uppercase, initial-capital and similar forms;
inputting a rule in the social-engineering password description language; the rule syntax is described in detail below.
Separating the rule at its connectors into descriptor rules: in this step the rule is divided at the connectors of the social-engineering password description language into n descriptor rules {S_1, S_2, ..., S_n}, and each sub-rule S_i corresponds to a fixed character, a selection character, a user-attribute character or a numeric character.
Generating the corresponding password subset E_i from each descriptor rule; and combining the password subsets into the password dictionary D = {E_1, E_2, ..., E_n}.
To describe the present invention in detail, the definition of each character in the social-engineering password rule is as follows:
The characters in the social-engineering password rule are defined thus: a rule consists of four kinds of password-body character and five kinds of rule character that qualify the password-body characters, where
the password-body characters are fixed characters, selection characters, user-attribute characters and numeric characters;
a fixed character means that a specified character appears at a specified position;
a selection character means that one character out of a character set appears at a specified position, the candidate elements being written inside ( ); for example (!@#$%&), with % and & written escaped as \% and \& under the escape rule below;
a user-attribute character is a character taken from a user attribute; the user attributes include the user name, unit information, telephone information, birthday information, place of birth, identity-card information and the like;
a numeric character ranges from a minimum to a maximum value and is written [min:max]; when it is used directly as part of a password, values with fewer digits than the maximum are left-padded with 0 to the digit length of the maximum; for example [0:99] yields 00 through 99.
The rule characters are the repetition character, the fragment-selection character, the alternative-selection character, the connection character and the escape character, where
repetition character: an operator that repeats the preceding password-body character; for example 5 repeats it exactly five times and 3:5 repeats it three to five times;
fragment-selection character: written with #, as #[m:n], meaning that a contiguous substring of m to n characters may be taken as part of the password; for example #[3:6] selects a contiguous substring of 3 to 6 characters as part of the password;
alternative-selection character: written with |, meaning that one of several rules is chosen;
connection character: written with &, joining the individual characters of the rule; fixed characters that run consecutively do not need & between them;
escape character: the special characters | % [ ] ( ) { } \ & ^ must be escaped with \ when they appear in a password rule.
To further detail the present invention, the user attributes in the social-engineering generation rule are written as follows:
%option%
where option can be replaced by:
%name% - the name: its pinyin, abbreviations such as the initials, capitalised forms, etc.
%deptname_cn% - unit (organisation) information
%deptname_en% - unit information in English
%phone no% - telephone information
%birthday% - birthday information, enumerated in the formats yyyyMMdd, yyMd, MMdd and yyMMdd; for 1 January 1989 these give 19890101, 8911, 0101 and 890101 respectively
%ID% - identity-card information
Example 1: the rule password&(!@#$%^&*())&[0:99], written with the escape rule applied as password&(!@#$\%\^\&*\(\))&[0:99], means that the password begins with password, the middle character is chosen from ! @ # $ % ^ & * ( ), and the password ends with a two-digit number. This one variation generates 1000 dictionary entries (10 middle characters × 100 numbers).
Example 2: the rule %name%&%birthday%|%name%&%ID%#[6:8] generates the name combined with the birthday, or the name combined with a contiguous run of 6 to 8 characters from the identity-card number.
Generating the password dictionary may involve more than one rule.
In this embodiment there are an Internet-exposed weak password dictionary and a social-engineering weak password dictionary. Because services differ, the weak password a user chooses is often tied to the service: for ssh the user name is often root, for mssql the user name and password are often sa, and so on. Dictionaries are therefore collected per service. The social-engineering weak password dictionary, in turn, is generated from the user attributes, including the user name, telephone information, birthday information, place of birth, unit information and the like.
For example: Zhang San (zhangsan), 15912345678, 19890101, Beijing, Tencent (tencent, tengxun);
with the social-engineering password rule
%name%|%deptname_cn%|%deptname_en%&%[0:999]%|%birthday%
the generated password dictionary may include:
Zhangsan
zhangsan123
zhangsan890101
zs000000
beijing890101
tencent123
tengxun0000
The passwords above are only illustrative; the weak passwords actually generated depend on the social-engineering information and the combination rules. For another example, if it is learned through social-engineering information that a unit's initial password is password!01, then 01 can be varied over 01 to 99 and ! over ! @ # $ % ^ & * ( ) (the special characters on the keyboard's number keys); the corresponding social-engineering password rule is password&(!@#$%^&*())&[0:99], written with the escape rule applied as password&(!@#$\%\^\&*\(\))&[0:99].
As shown in fig. 3, this embodiment describes the process by which a descriptor rule generates a password subset in the following steps:
first, a descriptor rule is obtained and the rule-character type of S_i is judged (i denotes the i-th descriptor rule); the sub-rules fall into four types, each of which forms a subset:
if the type of the obtained descriptor rule is a numeric character, a set of numeric strings is formed: the subset E_i consists of the min to max values in the definition;
if the type of the obtained descriptor rule is a fixed character, a set holding a specific string is formed: the fixed character is a string fixed by the user, and that string forms a set E_i with only one element;
if the type of the obtained descriptor rule is a selection character, each character is split out individually, and each item in the list of selectable characters becomes its own element, giving the password subset E_i;
if the type of the obtained descriptor rule is a user-attribute character, the corresponding attribute entered by the user is obtained to form the set E_i.
It should further be explained that, if the type of the obtained descriptor rule is a user-attribute character, the method also judges whether a fragment-selection character is present;
if so, fragment selection is applied to each element of the set, cutting partial strings out item by item to form a new set, which becomes the password subset E_i; if not, the set is formed directly.
In the overall procedure, the process of generating a password subset from a descriptor rule further includes a check for the repetition character, specifically:
for each E_i, judge whether a repetition symbol is present; if not, add the password subset as formed to the password-subset list; if so, repeat each element to form a new subset E_i and then add it to the password-subset list.
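The rule grammar and the subset-generation procedure above (fig. 3) together specify a small generator. The following Python is an added example written for this page, not the applicants' code: it splits a rule into descriptor rules at unescaped & connectors, builds the subset E_i for each of the four body-character types, applies #[m:n] fragment selection and repetition, and joins the subsets with a Cartesian product; | chooses between whole rules, as in Example 2 above. The symbol of the repetition operator is not recoverable from the page, so the example assumes {n} / {m:n}; the attribute keys, the birthday being supplied as yyyyMMdd, and the sample attributes are likewise assumptions.

```python
import itertools
import re
from datetime import datetime

# One descriptor rule S_i = body, then optional fragment selection #[m:n], then optional
# repetition. The page names a repetition operator but its symbol did not survive the
# translation; {n} / {m:n} is this example's assumption.
SUBRULE = re.compile(
    r'^(?P<body>.+?)(?:#\[(?P<fm>\d+):(?P<fn>\d+)\])?(?:\{(?P<rm>\d+)(?::(?P<rn>\d+))?\})?$')


def split_unescaped(text, sep):
    """Split on sep where it is not backslash-escaped and not inside ( ) or [ ]."""
    parts, buf, depth, i = [], [], 0, 0
    while i < len(text):
        ch = text[i]
        if ch == '\\' and i + 1 < len(text):      # keep the escape pair together
            buf.append(text[i:i + 2])
            i += 2
            continue
        if ch in '([':
            depth += 1
        elif ch in ')]':
            depth -= 1
        if ch == sep and depth == 0:
            parts.append(''.join(buf))
            buf = []
        else:
            buf.append(ch)
        i += 1
    parts.append(''.join(buf))
    return parts


def unescape_chars(text):
    """'a\\%b' -> ['a', '%', 'b']: undo the escape rule for | % [ ] ( ) { } backslash & ^."""
    out, i = [], 0
    while i < len(text):
        if text[i] == '\\' and i + 1 < len(text):
            out.append(text[i + 1])
            i += 2
        else:
            out.append(text[i])
            i += 1
    return out


def attribute_variants(attrs, key):
    """Attribute subset: case forms and initials for text, the four date formats for birthday."""
    if key == 'birthday':                                   # value supplied as yyyyMMdd (assumed)
        d = datetime.strptime(str(attrs['birthday']), '%Y%m%d')
        return [d.strftime('%Y%m%d'), f'{d:%y}{d.month}{d.day}',
                d.strftime('%m%d'), d.strftime('%y%m%d')]   # yyyyMMdd, yyMd, MMdd, yyMMdd
    words = str(attrs[key]).split()
    joined = ''.join(words)
    forms = [joined.lower(), joined.upper(), joined.capitalize()]
    if len(words) > 1:                                      # initials, e.g. 'zhang san' -> zs
        initials = ''.join(w[0] for w in words)
        forms += [initials.lower(), initials.upper()]
    return list(dict.fromkeys(forms))


def subset_for(subrule, attrs):
    """Build the password subset E_i for one descriptor rule S_i."""
    m = SUBRULE.match(subrule)
    body = m['body']
    if re.fullmatch(r'%\w+%', body):                        # user-attribute character
        values = attribute_variants(attrs, body.strip('%'))
        if m['fm']:                                         # fragment selection #[m:n]
            lo, hi = int(m['fm']), int(m['fn'])
            values = [v[i:i + n] for v in values
                      for n in range(lo, hi + 1) for i in range(len(v) - n + 1)]
    elif re.fullmatch(r'\[\d+:\d+\]', body):                # numeric character [min:max]
        lo, hi = map(int, body[1:-1].split(':'))
        values = [str(n).zfill(len(str(hi))) for n in range(lo, hi + 1)]
    elif body.startswith('(') and body.endswith(')'):       # selection character (...)
        values = unescape_chars(body[1:-1])
    else:                                                   # fixed characters
        values = [''.join(unescape_chars(body))]
    if m['rm']:                                             # repetition of every element
        lo, hi = int(m['rm']), int(m['rn'] or m['rm'])
        values = [v * k for v in values for k in range(lo, hi + 1)]
    return list(dict.fromkeys(values))


def generate(rule, attrs):
    """Expand a rule into the dictionary D: | chooses between rules, & joins the E_i."""
    out = []
    for alternative in split_unescaped(rule, '|'):
        subsets = [subset_for(s, attrs) for s in split_unescaped(alternative, '&')]
        out.extend(''.join(parts) for parts in itertools.product(*subsets))
    return list(dict.fromkeys(out))


if __name__ == '__main__':
    # Constructed sample attributes (not a real person).
    zhang = {'name': 'zhang san', 'birthday': '19890101', 'ID': '110101198901011234'}
    print(len(generate(r'password&(!@#$\%\^\&*\(\))&[0:99]', {})))   # 1000
    print(generate('%name%&%birthday%|%name%&%ID%#[6:8]', zhang)[:5])
```

The product of the subsets is where dictionary size comes from: Example 1 is 1 × 10 × 100 entries, while an ID fragment rule multiplies the name variants by every 6-, 7- and 8-character window of the ID number, so rules should be checked for size before they are sent to the task execution module.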
As a preferred implementation, in this embodiment, before trying the weak password dictionary as logins to judge whether a device service has a weak password, the method further includes the steps of:
judging which devices in the detection range have the relevant service open; if the port is not the default port, it is specified in the detection task module; and listing the IPs within the detection range that need to be detected.
As a preferred implementation, in this embodiment the user names and passwords in the weak password dictionary are permuted and combined, and either a local client program is called or code written directly against the network protocol sends the combinations in turn to the specified service. Whether a combination logs in normally decides whether the device service has a weak password: if so, the weak password is saved in the weak password storage module; if not, detection proceeds to the next combination.
As a preferred implementation, in this embodiment the detection method partitions the IP detection list and the weak password dictionary into fragments, with one thread per fragment;
if the detection is a periodic task, the weak passwords found in the previous run are tried first, to judge whether the password has since been changed.
It should be noted that, in the social-engineering weak password dictionary of this embodiment, a password dictionary is generated from one, or a combination of two or more, of the user attributes: the user name, unit information, telephone information, birthday information, place of birth, identity-card information and the like. The designated range selected in the detection task module includes at least one of an IP detection list, the services to detect, the execution time and the task execution period.
As shown in fig. 4, in one aspect, the present embodiment provides a weak password detection system, which is used for performing weak password detection in a manner of locally connecting to a remote service; the weak password detection system includes:
the weak password dictionary table is used for storing dictionaries of the user name and the password respectively, and a weak password generator is used for generating a real weak password dictionary by utilizing the permutation and combination of the user name and the password in the detection system; each service corresponds to a weak password dictionary table; the weak password dictionary source is divided into two types, namely an internet-exposed weak password dictionary and a social worker type weak password dictionary;
the detection task module is used for selecting a specified detection range;
the task execution module is used for judging whether the weak password dictionary can be normally logged in to judge whether the equipment service has a weak password;
and the weak password storage and analysis module is used for storing the weak password service detected by the task execution module, analyzing the weak password and sending a detection report to an administrator.
The weak password dictionary table of the detection system in this embodiment is further described as follows. On the one hand, the system continuously incorporates passwords exposed on the Internet into the Internet-exposed weak password dictionary. On the other hand, the weak passwords a user chooses are related to the service concerned, so the social-engineering weak password dictionary is generated from the user's attributes: one or more of the user name, organization information, telephone number, birthday, place of birth and identity card number.
In this embodiment the weak password dictionary has two parts (user name and password). Some services only take a password, so the dictionary has different components for different services: the ssh service needs a user name and a password, while redis and some web services need only a password. Both forms are referred to here collectively as the weak password dictionary. To save storage space, the user-name dictionary and the password dictionary are generally stored in a user-name table and a password table respectively, and the actual weak password dictionary is generated inside the detection system by permuting and combining the two.
As a preferred implementation, the specified range selected in the detection task module of this embodiment includes at least one of: an IP detection list, the services to detect, the execution time and the task execution period. The detection range is specified, for example, as the 192.168.0.1/24 subnet. The execution time is chosen so that the scan runs while the services are idle and does not interfere with their normal operation. The task execution period may be a recurring period such as monthly, weekly or daily, or a one-off task. The services to detect, such as ssh, mysql and VNC, are selected, and each service corresponds to its own weak password dictionary table.
As a preferred implementation, the task execution module of this embodiment further includes a judging module that determines which devices in the detection range have the relevant services open. It can do so by port scanning with nmap: by default ssh listens on port 22 and mysql on port 3306. If a service runs on a non-default port, the port has to be specified in the detection task module, which lists the IP addresses within the detection range that need to be detected.
The user names and passwords in the weak password dictionary are permuted and combined, and each user-name/password combination is sent in turn to the relevant service, either through a local client program or through code written directly against the network protocol. Whether the combination logs in normally determines whether the device's service has a weak password: if it does, the weak password is stored in the weak password storage module; if not, the next combination is tried. To speed up detection, the detection list and the weak password dictionary are partitioned and each partition is handled by its own thread.
If the weak password detection is a periodic task, the weak passwords found in the previous run are retried first, to determine whether those passwords have since been changed.
In summary, the weak password dictionaries come from two sources, an Internet-exposed weak password dictionary and a social-engineering weak password dictionary; the user-name and password dictionaries are stored in a user-name table and a password table respectively, and a weak password generator in the detection system produces the actual weak password dictionary by permuting and combining them; each service has its own weak password dictionary table; the user names and passwords are permuted and combined and each combination is sent in turn to the specified service, through a local client program or through code written directly against the network protocol, and whether it logs in normally determines whether the device's service has a weak password. This remedies the shortcomings of existing weak password dictionaries, detects weak passwords effectively across different service scenarios, and improves working efficiency.
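The task-execution flow described in this embodiment (per-service user-name and password tables permuted into credential pairs, default or task-specified ports, the job list partitioned with one thread per partition, and previously found weak passwords retried first on a periodic run), carried through as an added example that is not the patent's own code. The login step is simulated with a constructed lookup table so it runs offline; `build_targets`, `scan`, `Finding`, `make_simulated_login` and the default port values are this example's own names and assumptions, and a real scanner would put an SSH, MySQL or Redis client behind the same `try_login` signature.

```python
"""Task-execution stage of a weak password scanner.

Added example, not the patent's implementation. The login call is simulated
so the example runs offline; a deployment would wire a protocol client
(SSH, MySQL, Redis, ...) behind the same try_login signature.
"""
from concurrent.futures import ThreadPoolExecutor
from dataclasses import dataclass
from itertools import product
from typing import Dict, List, Optional, Tuple

# Default ports used when the task does not override them (assumed values).
DEFAULT_PORTS = {"ssh": 22, "mysql": 3306, "redis": 6379, "vnc": 5900}


@dataclass(frozen=True)
class Finding:
    host: str
    service: str
    username: Optional[str]  # None for password-only services such as redis
    password: str


def build_targets(ip_list, services, overrides=None):
    """Hosts x services with default ports; overrides = {(ip, service): port}
    covers services the task specifies as running on a non-default port."""
    overrides = overrides or {}
    return {ip: {s: overrides.get((ip, s), DEFAULT_PORTS[s]) for s in services}
            for ip in ip_list}


def credential_pairs(usernames, passwords):
    """Permute the user-name table with the password table.
    A service without user names (redis, some web logins) yields (None, password)."""
    if not usernames:
        return [(None, p) for p in passwords]
    return list(product(usernames, passwords))


def partition(items, n):
    """Split a job list into n near-equal slices, one per worker thread."""
    n = max(1, min(n, len(items)))
    size, rem = divmod(len(items), n)
    slices, start = [], 0
    for i in range(n):
        end = start + size + (1 if i < rem else 0)
        slices.append(items[start:end])
        start = end
    return slices


Job = Tuple[str, int, str, Optional[str], str]


def scan(targets, dictionaries, try_login, previous=(), workers=4):
    """Run one detection task.

    targets:      {host: {service: port}} from the port-discovery step.
    dictionaries: {service: (usernames, passwords)} per-service tables.
    try_login:    callable(host, port, service, username, password) -> bool.
    previous:     findings of the last run; on a periodic task they are queued
                  first so the report can state which have since been changed.
    Returns (weak_now, fixed_since_last_run).
    """
    jobs: List[Job] = []
    for f in previous:
        port = targets.get(f.host, {}).get(f.service)
        if port is not None:
            jobs.append((f.host, port, f.service, f.username, f.password))
    seen = set(jobs)
    for host, services in targets.items():
        for service, port in services.items():
            usernames, passwords = dictionaries[service]
            for user, pwd in credential_pairs(usernames, passwords):
                job = (host, port, service, user, pwd)
                if job not in seen:
                    seen.add(job)
                    jobs.append(job)

    def worker(chunk):
        # One thread per partition: try each combination, record the hits,
        # move on to the next combination either way (as the text describes).
        hits = []
        for host, port, service, user, pwd in chunk:
            if try_login(host, port, service, user, pwd):
                hits.append(Finding(host, service, user, pwd))
        return hits

    found: List[Finding] = []
    with ThreadPoolExecutor(max_workers=workers) as pool:
        for hits in pool.map(worker, partition(jobs, workers)):
            found.extend(hits)
    still_weak = set(found)
    fixed = [f for f in previous if f not in still_weak]
    return found, fixed


def make_simulated_login(valid):
    """Offline stand-in for the real client. valid = {(host, service): (username, password)}
    is constructed test data, not scan results."""
    def try_login(host, port, service, username, password):
        return valid.get((host, service)) == (username, password)
    return try_login
```

Two things a deployment adds on top of this skeleton: rate limiting per target (the same login attempts are what a brute-force detector flags, and they can lock accounts out), and a stop after the first successful combination for a given host, service and user name, since once a weak password is recorded there is nothing further to learn from that account.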
It is understood that the same or similar parts in the above embodiments may be mutually referred to, and the same or similar parts in other embodiments may be referred to for the content which is not described in detail in some embodiments.
In the description of the present specification, reference to the description of "one embodiment," "some embodiments," "an example," "a specific example," or "some examples" or the like means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present application. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present application have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present application, and that variations, modifications, substitutions and alterations may be made to the above embodiments by those of ordinary skill in the art within the scope of the present application.

Claims (3)

1. A weak password detection method, characterized in that the detection system used by the method comprises:
the weak password dictionary table, which stores the user-name dictionary and the password dictionary separately; a weak password generator in the detection system produces the actual weak password dictionary by permuting and combining the user names with the passwords; each service has its own weak password dictionary table; the weak password dictionaries come from two sources, an Internet-exposed weak password dictionary and a social-engineering weak password dictionary;
the detection task module, which selects the specified detection range;
the task execution module, which judges whether an entry of the weak password dictionary can log in normally, and thereby whether the device's service has a weak password;
the weak password storage and analysis module, which stores the weak-password services detected by the task execution module, analyzes the weak passwords and sends a detection report to the administrator;
the detection method comprises the following steps:
generating the weak password dictionary from two sources: a base dictionary of passwords leaked on the Internet, and social-engineering passwords;
selecting the specified detection range with the detection task module;
judging whether an entry of the weak password dictionary can log in normally, and thereby whether the device's service has a weak password;
storing the weak-password services detected by the task execution module, analyzing the weak passwords and sending a detection report to the administrator;
the generation rule for social-engineering passwords is as follows:
acquiring the user attributes;
forming an attribute subset from each user attribute;
inputting a rule written in the social-engineering password description language;
splitting it into descriptor sub-rules at the connectors of the description language;
generating a corresponding password subset E_n for each descriptor sub-rule;
combining the password subsets into the password dictionary D = {E_1 E_2 ... E_n}, each password being formed by joining one element from each subset in order;
the characters of the social-engineering password rule are defined as follows: there are four kinds of password body characters and five kinds of rule characters that constrain the body characters; wherein
the password body characters comprise fixed characters, optional characters, user attribute characters and numeric characters;
a fixed character means a specified character appearing at a specified position;
an optional character means one element chosen from a set of candidate characters appearing at a specified position, the candidates being written inside ();
a user attribute character means a character taken from a user attribute, the user attributes comprising the user name, organization information, telephone number, birthday, place of birth and identity card number;
numeric characters run from a minimum value to a maximum value and are written [min:max]; when they are used directly as part of a password, values shorter than the bit length of the maximum are left-padded with 0;
the rule characters comprise the repetition character, the fragment selection character, the selection character, the connector and the escape character; wherein
repetition character: an operator that repeats the preceding password body character;
fragment selection character: written with #, where #m:n means a contiguous substring of m to n characters may be selected as part of the password;
selection character: written with |, meaning one element is chosen from each rule;
connector: written with &, joining the individual characters;
escape character: when any of the characters | % [ ] ( ) { } \ & ^ appears in a password, it must be escaped with \;
the social-engineering password description language rule is divided into n descriptor sub-rules {S_1, S_2, ..., S_n}; each sub-rule S_i corresponds to one of fixed characters, optional characters, user attribute characters or numeric characters;
the process by which a descriptor sub-rule generates a password subset is as follows:
first, a descriptor sub-rule is obtained and the type of its rule character S_i is judged; wherein
if the obtained descriptor sub-rule is of numeric type, the subset E_i is formed from the values min to max of its definition;
if the obtained descriptor sub-rule is of fixed type, the fixed character is a character string fixed by the user, and that string alone forms the single-element set E_i;
if the obtained descriptor sub-rule is of optional type, a set is formed from each item in the list of optional character strings, giving the password subset E_i;
if the obtained descriptor sub-rule is of user attribute type, the corresponding attribute entered by the user is obtained to form the set E_i;
if the obtained descriptor sub-rule is of user attribute type, the method further comprises judging whether a fragment selection character is present;
if so, fragment selection is applied to each element of the set, intercepting part of each character string item by item to form a new set, which becomes the password subset E_i; if not, the new set is formed directly;
the method further comprises a repetition check when a descriptor sub-rule generates a password subset, specifically:
for each E_i, judging whether a repetition character is present; if not, the password subset just formed is added to the list of password subsets; if so, every element is repeated to form a new subset E_i, which is then added to the list of password subsets;
the user names and passwords in the weak password dictionary are permuted and combined, and each user-name/password combination is sent in turn to the specified service, through a local client program or through code written directly against the network protocol; whether the combination logs in normally determines whether the device's service has a weak password; if it does, the weak password is stored in the weak password storage module, and if not, the next combination is tried;
in the detection method, the IP detection list and the weak password dictionary are divided into partitions, and each partition is handled by its own thread;
if the weak password detection is a periodic task, the weak passwords found in the previous run are retried first, to determine whether those passwords have since been changed.
2. The weak password detection method of claim 1, characterized in that, before judging whether an entry of the weak password dictionary can log in normally to determine whether the device's service has a weak password, the method further comprises:
judging which devices in the detection range have the relevant services open; if the ports are not the default ports, specifying them in the detection task module, which lists the IP addresses within the detection range that need to be detected.
3. The weak password detection method of claim 2, characterized in that, on the one hand, the detection system continuously incorporates passwords exposed on the Internet into the Internet-exposed weak password dictionary;
on the other hand, the weak passwords a user chooses are related to the service concerned, and in the social-engineering weak password dictionary a password dictionary is generated from the user attributes, the user attributes comprising one or more of the user name, organization information, telephone number, birthday, place of birth and identity card number;
the specified range selected in the detection task module includes at least one of an IP detection list, the services to detect, the execution time and the task execution period;
the task execution module further comprises a judging module for judging which devices in the detection range have the relevant services open; if the ports are not the default ports, they need to be specified in the detection task module, which lists the IP addresses within the detection range that need to be detected;
the user names and passwords in the weak password dictionary are permuted and combined, and each user-name/password combination is sent in turn to the specified service, through a local client program or through code written directly against the network protocol; whether the combination logs in normally determines whether the device's service has a weak password; if it does, the weak password is stored in the weak password storage module, and if not, the next combination is tried.
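The social-engineering password generation rule of claim 1 (attribute subsets, a rule split at connectors into descriptor sub-rules S_1..S_n, one password subset E_i per sub-rule, fragment selection and repetition applied to a subset, and the subsets joined into the dictionary D), carried through as an added example that is not the patent's own implementation. The claims name the character classes and the &, |, #m:n and \ symbols but print no grammar, so the concrete notation (`{attr}` for a user attribute, `(a|b)` for optional characters, `[min:max]` for a numeric range, `*k` for repetition, whose symbol the claims do not give) and the attribute names are this example's assumptions; the user data in the demo is constructed.

```python
"""Generator for a social-engineering password description language.

Added example, not the patent's implementation. The claims name the character
classes and the &, |, #m:n and \ symbols but give no grammar, so the notation
below is assumed:

  admin         fixed characters (literal text)
  (a|b|c)       optional characters: one alternative is chosen (an empty alternative is allowed)
  {birthday}    user attribute: every value the user supplied for that attribute
  [1:12]        numeric range, zero-padded to the width of max -> 01..12
  X#m:n         fragment selection: every contiguous substring of X of length m..n
  X*k           repetition: every element of X repeated k times (operator symbol assumed)
  &             connector between sub-rules S_1 & S_2 & ... & S_n
  \c            escape: the character c is taken literally
"""
import re
from itertools import product
from typing import Dict, Iterable, List

_NUMERIC = re.compile(r"^\[(\d+):(\d+)\]$")
_ATTRIBUTE = re.compile(r"^\{(\w+)\}$")
_SELECTION = re.compile(r"^\((.*)\)$", re.S)
_FRAGMENT = re.compile(r"^(.*?)(?<!\\)#(\d+):(\d+)$", re.S)
_REPEAT = re.compile(r"^(.*?)(?<!\\)\*(\d+)$", re.S)


def _split_unescaped(text: str, sep: str) -> List[str]:
    """Split on sep, leaving backslash-escaped separators alone."""
    parts, cur, i = [], [], 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            cur.append(text[i:i + 2])   # keep the escape pair for later unescaping
            i += 2
            continue
        if text[i] == sep:
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(text[i])
        i += 1
    parts.append("".join(cur))
    return parts


def _unescape(text: str) -> str:
    return re.sub(r"\\(.)", r"\1", text)


def _fragments(values: Iterable[str], lo: int, hi: int) -> List[str]:
    """#m:n applied to each element: all contiguous substrings of length lo..hi."""
    return [v[i:i + n] for v in values
            for n in range(lo, hi + 1) for i in range(len(v) - n + 1)]


def expand_subrule(sub: str, attrs: Dict[str, Iterable[str]]) -> List[str]:
    """Build the password subset E_i for one descriptor sub-rule S_i."""
    repeat = 1
    if rep := _REPEAT.match(sub):            # trailing *k
        sub, repeat = rep.group(1), int(rep.group(2))
    frag = None
    if fr := _FRAGMENT.match(sub):           # trailing #m:n
        sub, frag = fr.group(1), (int(fr.group(2)), int(fr.group(3)))

    if m := _NUMERIC.match(sub):
        lo, hi = int(m.group(1)), int(m.group(2))
        width = len(m.group(2))              # pad to the bit length of max, as claimed
        values = [str(n).zfill(width) for n in range(lo, hi + 1)]
    elif m := _ATTRIBUTE.match(sub):
        if m.group(1) not in attrs:
            raise ValueError(f"unknown user attribute {m.group(1)!r}")
        values = list(attrs[m.group(1)])
    elif m := _SELECTION.match(sub):
        values = [_unescape(alt) for alt in _split_unescaped(m.group(1), "|")]
    else:
        values = [_unescape(sub)]            # fixed characters: a single-element set

    if frag is not None:
        values = _fragments(values, *frag)
    if repeat != 1:
        values = [v * repeat for v in values]
    return list(dict.fromkeys(values))       # drop duplicates, keep order


def generate(rule: str, attrs: Dict[str, Iterable[str]]) -> List[str]:
    """Split the rule at & into S_1..S_n, expand each to E_i, and join one
    element from every E_i in order: D = E_1 E_2 ... E_n (a Cartesian product)."""
    subsets = [expand_subrule(s, attrs) for s in _split_unescaped(rule, "&")]
    return list(dict.fromkeys("".join(parts) for parts in product(*subsets)))


if __name__ == "__main__":
    # Constructed attributes for a fictitious user; not real data.
    user = {"username": ["zhang"], "birthday": ["19900315"]}
    for pwd in generate("{username}#3:5&(@|_|)&{birthday}#4:4&[1:3]", user)[:5]:
        print(pwd)
```

The size of D is the product of the subset sizes, so a rule such as the demo's (6 name fragments, 3 separators, 5 birthday fragments, 3 digits, giving 270 candidates) stays small enough to send to a live service; a rule that multiplies several attributes with wide fragment ranges does not, and the generator is the place to cap the dictionary before the task execution module starts logging in.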
CN201910901157.4A 2019-09-23 2019-09-23 Weak password detection method Active CN110635914B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910901157.4A CN110635914B (en) 2019-09-23 2019-09-23 Weak password detection method

Publications (2)

Publication Number Publication Date
CN110635914A CN110635914A (en) 2019-12-31
CN110635914B true CN110635914B (en) 2022-11-18

Family

ID=68973352

Country Status (1)

Country Link
CN (1) CN110635914B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111310169B (en) * 2020-01-19 2020-10-23 广州数智网络科技有限公司 Distributed weak password blasting algorithm and system
CN111914247A (en) * 2020-07-15 2020-11-10 中国民航信息网络股份有限公司 Weak password detection system, method and device
CN112351003A (en) * 2020-10-23 2021-02-09 杭州安恒信息技术股份有限公司 Weak password detection method and device, readable storage medium and computer equipment
CN112765594B (en) * 2021-01-20 2024-03-22 中国工商银行股份有限公司 Weak password detection method and device
CN113938312B (en) * 2021-11-12 2024-01-26 北京天融信网络安全技术有限公司 Method and device for detecting violent cracking flow
CN116582264B (en) * 2023-07-13 2023-09-22 北京立思辰安科技术有限公司 Data processing system for obtaining weak password

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106559222A (en) * 2016-11-28 2017-04-05 广东省信息安全测评中心 Target password rule set acquisition methods and system in method of exhaustion decryption
CN107872323A (en) * 2017-11-06 2018-04-03 中国科学院信息工程研究所 A kind of password security appraisal procedure and system based on user profile detection
CN109246111A (en) * 2018-09-18 2019-01-18 郑州云海信息技术有限公司 A kind of detection method and device of network equipment telnet weak passwurd
CN109361518A (en) * 2018-10-16 2019-02-19 杭州安恒信息技术股份有限公司 A kind of weak passwurd detection method, device and computer readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant