再谈Cookies欺骗

2019-11-14 16:46:17

字体：大中小

来源：转载

供稿：网友

在上一篇关于cookies欺骗的随笔中，提到的解决方案是把密码md5加密之后存入cookies中，确实这种方法实现了效果，不过把密码留在客户端等待着去被破解不是一个合适的方法，在此也感谢 @老牛吃肉以及各位小伙伴们的热烈讨论。在这里改写了一下方案，记录一下。

废话不多说直接上代码：

先写一个DES加密类，可以直接拿走用，所以虽然是写DEMO也给单独拿出来了。

 1 using System; 2 using System.Data; 3 using System.Web.Security; 4 using System.Security.Cryptography; 5 using System.Text; 6 using System.IO; 7  8 /// <summary> 9 /// DES 的摘要说明10 /// </summary>11 public class DES12 {13     public DES()14     {}15 16     /// <summary>17     /// 加密18     /// </summary>19     /// <param name="Text"></param>20     /// <param name="sKey"></param>21     /// <returns></returns>22     public static string Encrypt(string Text, string sKey)23     {24         DESCryptoServicePRovider provider = new DESCryptoServiceProvider();25         byte[] bytes = Encoding.Default.GetBytes(Text);26         provider.Key = Encoding.ASCII.GetBytes(FormsAuthentication.HashPassWordForStoringInConfigFile(sKey, "md5").Substring(0, 8));27         provider.IV = Encoding.ASCII.GetBytes(FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8));28         MemoryStream stream = new MemoryStream();29         CryptoStream stream2 = new CryptoStream(stream, provider.CreateEncryptor(), CryptoStreamMode.Write);30         stream2.Write(bytes, 0, bytes.Length);31         stream2.FlushFinalBlock();32         StringBuilder builder = new StringBuilder();33         foreach (byte num in stream.ToArray())34         {35             builder.AppendFormat("{0:X2}", num);36         }37         return builder.ToString();38     }39 40 41     /// <summary>42     /// 以默认密钥加密43     /// </summary>44     /// <param name="Text"></param>45     /// <returns></returns>46     public static string Encrypt(string Text)47     {48         return Encrypt(Text, "http://www.VEVb.com/webconfig");49     }50 51 52     /// <summary>53     /// 解密54     /// </summary>55     /// <param name="Text"></param>56     /// <param name="sKey"></param>57     /// <returns></returns>58     public static string Decrypt(string Text, string sKey)59     {60         DESCryptoServiceProvider provider = new DESCryptoServiceProvider();61         int num = Text.Length / 2;62         byte[] buffer = new byte[num];63         for (int i = 0; i < num; i++)64         {65             int num3 = Convert.ToInt32(Text.Substring(i * 2, 2), 0x10);66             buffer[i] = (byte)num3;67         }68         provider.Key = Encoding.ASCII.GetBytes(FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8));69         provider.IV = Encoding.ASCII.GetBytes(FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8));70         MemoryStream stream = new MemoryStream();71         CryptoStream stream2 = new CryptoStream(stream, provider.CreateDecryptor(), CryptoStreamMode.Write);72         stream2.Write(buffer, 0, buffer.Length);73         stream2.FlushFinalBlock();74         return Encoding.Default.GetString(stream.ToArray());75     }76 77 78 79     /// <summary>80     /// 以默认密钥解密81     /// </summary>82     /// <param name="Text"></param>83     /// <returns></returns>84     public static string Decrypt(string Text)85     {86         return Decrypt(Text, "http://www.VEVb.com/webconfig");87     }88 }

 1     protected void Page_Load(object sender, EventArgs e) 2     { 3         //为了方便演示，每次加载登录页面“归零” 4         Response.Cookies["uid"].Value = "0"; 5     } 6     protected void Button1_Click(object sender, EventArgs e) 7     { 8         //验证步骤略过，假设用户通过验证并且得到如下信息： 9 10         int uid = 1; //用户唯一ID11         string username = "admin"; //用户名12         string userpwd = "123456"; //用户密码13 14         string uidstr = DES.Encrypt(uid.ToString());15 16         //接下来要保存用户登录状态17         Response.Cookies["uid"].Value = uidstr;18 19         //跳转到登录后的页面20         Response.Redirect("Main.aspx");21 22     }23     protected void Button2_Click(object sender, EventArgs e)24     {25         //未经验证直接进入Main.aspx26         Response.Redirect("Main.aspx");27     }

Main

 1     protected void Page_Load(object sender, EventArgs e) 2     { 3         CheckLogin(); 4     } 5  6  7     private void CheckLogin() 8     { 9 10         if (Request.Cookies["uid"] != null && Request.Cookies["uid"].Value != "") //判断cookies是否存在11         {12             int uid = 0;13             try14             {15                 uid = int.Parse(DES.Decrypt(Request.Cookies["uid"].Value));16             }17             catch //捕获 cookies参数错误：非正确的 DES加密格式 或者解密后类型无法转换为int18             {19                 Response.Write("您尚未登陆，<a href='login.aspx'>点此登录</a>");20                 return;21             }22 23             if (GetUserInfo(uid, "") != "") //判断UID 是否存在24             {25                 Response.Write(GetUserInfo(uid, "username") + "已登录");26             }27             else28             {29                 Response.Write("您尚未登陆，<a href='login.aspx'>点此登录</a>");30             }31         }32         else33         {34             Response.Write("您尚未登陆，<a href='login.aspx'>点此登录</a>");35         }36     }37 38 39     /// <summary>40     /// 模拟一个获取用户信息的方法41     /// 然而实际操作中需要通过ID查询数据库来获取用户信息42     /// 这里为了方便演示就直接return固定的值了43     /// </summary>44     /// <param name="uid"></param>45     /// <param name="key"></param>46     /// <returns></returns>47     private string GetUserInfo(int uid, string key)48     {49         if (uid == 1) //这里只设置uid为1的用户，其他的UID的用户不存在50         {51             switch (key)52             {53                 case "username": return "admin";54                 case "password": return "123456";55                 default: return "null";56             }57         }58         else59         {60             return "";61         }62     }