2

如何从 aspnet_Users 获取实际密码(已加密)

不使用会员资格我需要正常的选择语句并将密码转换为真实密码我尝试了以下代码作为示例

static void Main(string[] args)
        {
            using (PMAEntities context = new PMAEntities())
            {

                var Query = from U in context.aspnet_Users
                            join M in context.aspnet_Membership on U.UserId equals M.UserId
                            where U.UserName == "admin"
                            select new
                            {
                                password = (string)M.Password,
                                salt = (string)M.PasswordSalt

                            };
                if (Query != null)
                {
                    // Convert the input password to bit array
                    System.Text.UTF8Encoding encoding = new System.Text.UTF8Encoding();
                     byte[] inputpassword=  encoding.GetBytes("123456");
                     byte[] salt = encoding.GetBytes(Query.FirstOrDefault().salt);
                    byte[]commingpass = encoding.GetBytes(Query.FirstOrDefault().password);
                    // Combine the two arrays 
                    byte[] c = new byte[inputpassword.Length + salt.Length];
                     System.Buffer.BlockCopy(inputpassword, 0, c, 0, inputpassword.Length);
                     System.Buffer.BlockCopy(salt, 0, c, inputpassword.Length, salt.Length); 

                    //Comparer 

                    if(c.SequenceEqual(commingpass))
                    {
                        Console.WriteLine("Hiiiiiiiiiii");

                    }
                    Console.ReadLine();


                }






            }
        }

此致

4

1 回答 1

0

不要解密密码,正如 Aristos 所说,这是一个坏主意,因为您正在损害用户的安全性。如果您只想让用户登录,这里有一个替代解决方案: http ://www.csharpfriends.com/Articles/getArticle.aspx?articleID=344

于 2012-06-04T10:22:12.743 回答