在上一篇關于cookies欺騙的隨筆中,提到的解決方案是把密碼md5加密之后存入cookies中,確實這種方法實現了效果,不過把密碼留在客戶端等待著去被破解不是一個合適的方法,在此也感謝 @老牛吃肉 以及各位小伙伴們的熱烈討論。在這里改寫了一下方案,記錄一下。
廢話不多說直接上代碼:
先寫一個DES加密類,可以直接拿走用,所以雖然是寫DEMO也給單獨拿出來了。
1 using System; 2 using System.Data; 3 using System.Web.Security; 4 using System.Security.Cryptography; 5 using System.Text; 6 using System.IO; 7 8 /// <summary> 9 /// DES 的摘要說明10 /// </summary>11 public class DES12 {13 public DES()14 {}15 16 /// <summary>17 /// 加密18 /// </summary>19 /// <param name="Text"></param>20 /// <param name="sKey"></param>21 /// <returns></returns>22 public static string Encrypt(string Text, string sKey)23 {24 DESCryptoServicePRovider provider = new DESCryptoServiceProvider();25 byte[] bytes = Encoding.Default.GetBytes(Text);26 provider.Key = Encoding.ASCII.GetBytes(FormsAuthentication.HashPassWordForStoringInConfigFile(sKey, "md5").Substring(0, 8));27 provider.IV = Encoding.ASCII.GetBytes(FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8));28 MemoryStream stream = new MemoryStream();29 CryptoStream stream2 = new CryptoStream(stream, provider.CreateEncryptor(), CryptoStreamMode.Write);30 stream2.Write(bytes, 0, bytes.Length);31 stream2.FlushFinalBlock();32 StringBuilder builder = new StringBuilder();33 foreach (byte num in stream.ToArray())34 {35 builder.AppendFormat("{0:X2}", num);36 }37 return builder.ToString();38 }39 40 41 /// <summary>42 /// 以默認密鑰加密43 /// </summary>44 /// <param name="Text"></param>45 /// <returns></returns>46 public static string Encrypt(string Text)47 {48 return Encrypt(Text, "http://www.survivalescaperooms.com/webconfig");49 }50 51 52 /// <summary>53 /// 解密54 /// </summary>55 /// <param name="Text"></param>56 /// <param name="sKey"></param>57 /// <returns></returns>58 public static string Decrypt(string Text, string sKey)59 {60 DESCryptoServiceProvider provider = new DESCryptoServiceProvider();61 int num = Text.Length / 2;62 byte[] buffer = new byte[num];63 for (int i = 0; i < num; i++)64 {65 int num3 = Convert.ToInt32(Text.Substring(i * 2, 2), 0x10);66 buffer[i] = (byte)num3;67 }68 provider.Key = Encoding.ASCII.GetBytes(FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8));69 provider.IV = Encoding.ASCII.GetBytes(FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8));70 MemoryStream stream = new MemoryStream();71 CryptoStream stream2 = new CryptoStream(stream, provider.CreateDecryptor(), CryptoStreamMode.Write);72 stream2.Write(buffer, 0, buffer.Length);73 stream2.FlushFinalBlock();74 return Encoding.Default.GetString(stream.ToArray());75 }76 77 78 79 /// <summary>80 /// 以默認密鑰解密81 /// </summary>82 /// <param name="Text"></param>83 /// <returns></returns>84 public static string Decrypt(string Text)85 {86 return Decrypt(Text, "http://www.survivalescaperooms.com/webconfig");87 }88 }
Login
1 protected void Page_Load(object sender, EventArgs e) 2 { 3 //為了方便演示,每次加載登錄頁面“歸零” 4 Response.Cookies["uid"].Value = "0"; 5 } 6 protected void Button1_Click(object sender, EventArgs e) 7 { 8 //驗證步驟略過,假設用戶通過驗證并且得到如下信息: 9 10 int uid = 1; //用戶唯一ID11 string username = "admin"; //用戶名12 string userpwd = "123456"; //用戶密碼13 14 string uidstr = DES.Encrypt(uid.ToString());15 16 //接下來要保存用戶登錄狀態17 Response.Cookies["uid"].Value = uidstr;18 19 //跳轉到登錄后的頁面20 Response.Redirect("Main.aspx");21 22 }23 protected void Button2_Click(object sender, EventArgs e)24 {25 //未經驗證直接進入Main.aspx26 Response.Redirect("Main.aspx");27 }
Main
1 protected void Page_Load(object sender, EventArgs e) 2 { 3 CheckLogin(); 4 } 5 6 7 private void CheckLogin() 8 { 9 10 if (Request.Cookies["uid"] != null && Request.Cookies["uid"].Value != "") //判斷cookies是否存在11 {12 int uid = 0;13 try14 {15 uid = int.Parse(DES.Decrypt(Request.Cookies["uid"].Value));16 }17 catch //捕獲 cookies參數錯誤:非正確的 DES加密格式 或者解密后類型無法轉換為int18 {19 Response.Write("您尚未登陸,<a href='login.aspx'>點此登錄</a>");20 return;21 }22 23 if (GetUserInfo(uid, "") != "") //判斷UID 是否存在24 {25 Response.Write(GetUserInfo(uid, "username") + "已登錄");26 }27 else28 {29 Response.Write("您尚未登陸,<a href='login.aspx'>點此登錄</a>");30 }31 }32 else33 {34 Response.Write("您尚未登陸,<a href='login.aspx'>點此登錄</a>");35 }36 }37 38 39 /// <summary>40 /// 模擬一個獲取用戶信息的方法41 /// 然而實際操作中需要通過ID查詢數據庫來獲取用戶信息42 /// 這里為了方便演示就直接return固定的值了43 /// </summary>44 /// <param name="uid"></param>45 /// <param name="key"></param>46 /// <returns></returns>47 private string GetUserInfo(int uid, string key)48 {49 if (uid == 1) //這里只設置uid為1的用戶,其他的UID的用戶不存在50 {51 switch (key)52 {53 case "username": return "admin";54 case "password": return "123456";55 default: return "null";56 }57 }58 else59 {60 return "";61 }62 }
最后來看測試效果:
UID是加密過的字符串,如果用戶想用通過修改cookies的方法,那么他需要滿足一下兩個條件
1,猜中其他用戶的UID
2,猜中網站DES加密的密鑰
最后通過UID和密鑰進行加密,把cookies修改為加密后的字符串
不過,第一條可能可以猜中,但是第二條,一般情況下密鑰管理的好的話是不會有太大問題的。
本例DEMO:http://files.VEVb.com/webconfig/Cookies%E6%AC%BA%E9%AA%972.rar
本文出自 低調碼農的筆記簿http://www.survivalescaperooms.com/webconfig/p/3624831.html 轉載請注明出處,如有謬誤不當之處,歡迎指正拍磚,不勝感謝!!
新聞熱點
疑難解答
