{"id":222665,"date":"2019-09-15T15:05:28","date_gmt":"2019-09-15T13:05:28","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=222665"},"modified":"2022-12-24T01:34:26","modified_gmt":"2022-12-24T00:34:26","slug":"passwort-prfung-fr-active-directory","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2019\/09\/15\/passwort-prfung-fr-active-directory\/","title":{"rendered":"Passwort-Pr&uuml;fung f&uuml;r Active Directory"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" height=\"47\" align=\"left\" \/>Einfach mal die im Active Directory (AD) verwendeten Kennw\u00f6rter gegen eine Liste von 2,5 Milliarden kompromittierter Kennw\u00f6rter pr\u00fcfen? Und das kostenlos per Windows-Tool?<\/p>\n<p><!--more--><\/p>\n<p>Das Tool NebulousAD v1.1 soll dies erm\u00f6glichen. Freeware, und im Quellcode verf\u00fcgbar, lehnt es sich an die Idee von Troy Hunt mit seiner Seite <a href=\"https:\/\/haveibeenpwned.com\/Passwords\" target=\"_blank\" rel=\"noopener noreferrer\">Have I been Pwned<\/a> an. Es kann die Kennw\u00f6rter in einem Active Directory abfragen, und die ersten ersten Zeichen eines Hash-Werts f\u00fcr ein Kennwort per API an eine Datenbank mit kompromittierten Kennw\u00f6rter zur \u00dcberpr\u00fcfenung \u00fcbertragen.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Check passwords in Active Directory against 2.5 billion breached passwords\u2014for free\u2014now with more privacy! NebulousAD v1.1 has been released <a href=\"https:\/\/t.co\/YtPY0atrWY\">https:\/\/t.co\/YtPY0atrWY<\/a><\/p>\n<p>\u2014 NuID (@_NuID) <a href=\"https:\/\/twitter.com\/_NuID\/status\/1171912990679080966?ref_src=twsrc%5Etfw\">September 11, 2019<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Ich selbst habe das Tool (mangels AD-Umgebung) nicht getestet. Aber es klingt vielversprechend \u2013 Details lassen sich auf <a href=\"https:\/\/web.archive.org\/web\/20220707101000\/https:\/\/blog.nuid.io\/nebulousad-v1-1-with-k-anonymity\/\" target=\"_blank\" rel=\"noopener noreferrer\">dieser Webseite<\/a> abrufen.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Einfach mal die im Active Directory (AD) verwendeten Kennw\u00f6rter gegen eine Liste von 2,5 Milliarden kompromittierter Kennw\u00f6rter pr\u00fcfen? Und das kostenlos per Windows-Tool?<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426],"tags":[6712,4328],"class_list":["post-222665","post","type-post","status-publish","format-standard","hentry","category-sicherheit","tag-active-directory","tag-sicherheit"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/222665","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=222665"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/222665\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=222665"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=222665"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=222665"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}