中国网络渗透测试联盟

标题: web.Config加密解密最简单实用方法 [打印本页]
作者: admin    时间: 2013-8-5 15:33
标题: web.Config加密解密最简单实用方法
web.config的文件多数的时候不希望别人看到,下面提供一个加密,解密的语句,简洁方便实用,先看到效果,至于加密的原理其他的网页上做了很多说明,这里只演示效果。; p4 v- b& p5 b! d- J3 T! w
  加密前的connectionStrings节点, T3 x; B* \/ a8 j7 `# j
  代码
5 Z& a0 }- E- `- c  <connectionStrings>
7 j! O: p# N( h, J; Y  <add name="SQLConnString1" connectionString="server=WJW-PC\SQL2008;user id=sa;password=12345;Initial Catalog=dbFASH;min pool size=4;max pool size=400;" />
3 b% S- v) |3 C( N7 e! h  <add name="eziyaConnectionString1" connectionString="Data Source=HOME-COMPUTER;Initial Catalog=dbFASH;Integrated Security=True;MultipleActiveResultSets=Falseacket Size=4096;Application Name=&quot;Microsoft SQL Server Management Studio&quot;"
# K6 W2 ^, U0 J( |  providerName="System.Data.SqlClient" />
2 Q6 o" D$ U: z( T( M3 K3 j  <add name="eziyaConnectionString2" connectionString="Data Source=192.168.1.200;Initial Catalog=dbFASHersist Security Info=True;User ID=taoka;MultipleActiveResultSets=Falseacket Size=4096;Application Name=&quot;Microsoft SQL Server Management Studio&quot;"+ w, K9 l7 `) m3 S. b
  providerName="System.Data.SqlClient" />
. F2 z& Z8 k, u% Z  K  <add name="eziyaConnectionString3" connectionString="Data Source=192.168.61.160;Initial Catalog=dbFASHersist Security Info=True;User ID=sa;MultipleActiveResultSets=Falseacket Size=4096;Application Name=&quot;Microsoft SQL Server Management Studio&quot;"# i# d4 A. `# Z6 l' b- D) ^  U9 k3 @
  providerName="System.Data.SqlClient" />8 H! B+ n* H+ F: K0 T4 h
  </connectionStrings>% i9 Z% a" x" H
  加密后的connectionStrings的节点/ h0 P: F7 f  ?" r
  代码
: R  r5 E+ \* |# W; `  <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
# C7 H0 P6 x6 w$ J* }: X  <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
1 B% h' w3 I/ M" `! @  xmlns="http://www.w3.org/2001/04/xmlenc#"&gt;/ Z  Q. b; g  {& i
  <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />+ t9 @- s4 c3 m) Q6 o3 C9 c0 M
  <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"&gt;% i6 n* a2 X* K0 G6 e
  <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#"&gt;
4 t$ C3 A1 C* p6 G8 J6 x& e  <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
8 Z7 l- d9 A& ?+ f: B9 d  <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"&gt;
* `1 h& ]2 t6 _4 r7 [  <KeyName>Rsa Key</KeyName>  D% N/ c; u7 ^" ?- F6 f
  </KeyInfo>5 A" `0 I2 b) v& H1 X
  <CipherData>5 r# a5 ]% `' r, _
  <CipherValue>FOkydQFNniZvq71ua4XapuVCUrJFOARkXeqqwyKFoP+NGXGewehxYW0zTzIn/j+YCvH/r6ABoE/AfWMMEDyr81R1mhi4ckXbiJ2BvW612/W7f7Wkqj+FDwse+lgAISHZ5HfspaY1LBvKYAu1VEm6Iu6NlT35TPnjxFf+p5Apf0E=</CipherValue>% T! I5 F9 D4 l! t6 Q' n' _
  </CipherData>5 t% t1 `8 y/ w
  </EncryptedKey>. J2 K+ ?1 {) ]
  </KeyInfo>+ K9 i) q( c4 B
  <CipherData>' O) r. Y9 L8 `$ G* A  X2 o- ]% u5 x
  <CipherValue>s3PKarSQ/tlnG5YcE/z/KLbnSLljw/nOj+aoafGD9eJRlZ092f5Ywx9IDRaKMqNQ6+OM3f0WOh57evnWqL8tjULwNHviMAP3RU/5CTCGfZ/k0u+jWAGYYuOxlT6/iKsMbceBGh5jmcwIG+d3itc+h+Qq5B3g8Jjbt8Y+IulmOYWEnp2xwC+Sm/IX8vjiT7jlAqUeikNYXCEcakv8GmuA0DvWBX2tuR0Iyjv8fPcyo//eRDIqKKQB22F2ikbT0/42qmgBfOCoC3M4IMRLS7rVpEUu6JYNuoXPtvaKZhQZxNmE3zIlVPyBbPOd4VatPDCWWO9VivTbMMV+ekEDhohHbeFGHBlSi75FSXCMEz1O53gbg1LDC5nJvZUAU2+suQeEoumoMEYkH27J+p5H2xCOivPnQuPx+xRFT9btNWm/P8wpw7FUdxwqRh6JJbUYnpKc5unC76OXhAAYK+5cp+oISOyMMkFYvzCstKpYYYwQ/xW/v9Kx4XgmRKRht6lgBdbiTJhVTTzWwybVx1laOrvIYL5UR3XuqdVhH8rQYx2M3acTh5zvUKmeha6DsOVngWzm0NQ6jX3pQHOP43hZddg6di6lTNdhRRnSxaYcDVhB+n9scjHtGqAXCTJw9agz2En2P9hSZnzMbaS9Qdq9MoJK3h7plJWwIyPhPktA4qXYQCBVDV+aPLyPrBjsVddfnO/yJixaO2alcH8UuTPrACzzHRKn0YwtQFHt/I4/Vb7vsX2VoaFc0BrMxzYe6z/klVope9h6uOUReSbA5E7AGNPh8OaUW8GqzFY/5/N46gofk7g/W/Egz2o9YFGUbWQduh3VK2jF0xy/cbwE0qm7tI8mmlyUnGBfy7GuHK7YM32C4g3ZUsOv38kZoiHMjjHuzfS1lMPwTS6FPBS71UN8mdK58pakcZB2rqq3ysDPkgYvGs+E98j8v9P58rEXPW99uipSRvQeQXflp7DElEuqxVh29NuxJBkOaUaR1qPd2wepRH51MS6b3RlsTpGFEEBOw4/sNt90hzaSWeydleag9mo6803wC5DDp5hJAFBJH4+jiJwfKVzKFp133OfFoGy5ea8T6RruIVMiQRWCH/zCh3FuhkOwUcc25tPfeIZgAgFlmrzCg0E4pfIfHoni//x12kuwXYefJ5IUk6BizOPP2zul831o+Irx8MfWR8n64ZAHZvKfa6BXksN+0HLAsBsPzLRrppHyFMqIBuNe1iWxBM+j3PQUeN+oXJog79YoFxdd4cf1+jMZn0+ee7aOvEu4WGv3WT25FFiYLdO99uzXOPn7UTolUqmkYlYelgh5n5QmFd4WsqOt4oYE5CFadI/n/MsLpVJmJTzA+8CAD26cpuOmloyHzsEpqUWZb5lAO9jfDVu9F6SznBr0iaCkko5jw2kZw4tqRx2B+9eUNPTQGRPRVgc5stAFVf13w974sRrwCvGRSq0U/71cBSE8KSLOj/aGf2p4UBSUPRk=</CipherValue>8 p3 H7 a+ C/ |5 G" r+ {! @
  </CipherData>
+ B' J! I3 d" m  q) [% r& G* {- c  </EncryptedData>/ c( ~* W( F5 M/ u& s- o
  </connectionStrings>
% v5 R  ]+ s3 {% s  完全看不到连接的信息!
4 G8 q8 H! J7 g1 {- {# W  下面是两个.bat批处理文件
3 _0 n2 r0 M1 Y2 s5 M  加密:
, A+ f2 w+ E, W0 r! f0 t  @echo off" h* ]+ h4 e. h1 H
  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe -pef "connectionStrings" "E:\code\proj\Web"
) ~% j% ~5 G1 }& k/ w) [  解密:
. }/ \1 w3 [' R  ]) f  @echo off
% k. e- n( \3 {; _6 U* P$ @8 t6 v  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe -pdf "connectionStrings" "E:\code\proj\Web"
4 i7 [3 `- a8 T" `! p8 W  PAUSE5 O2 H' H1 e. o' v
  直接将语句拷贝到.BAT文件中,E:\code\proj\Web为相应的web.config所在的路径,只能在一台电脑上操作,否则不可逆
作者: Anthony~    时间: 2013-8-5 19:31
好方法。我正好刚遇到这个问题



欢迎光临 中国网络渗透测试联盟 (https://cobjon.com/) Powered by Discuz! X3.2