中国网络渗透测试联盟

标题: web.Config加密解密最简单实用方法 [打印本页]
作者: admin    时间: 2013-8-5 15:33
标题: web.Config加密解密最简单实用方法
web.config的文件多数的时候不希望别人看到,下面提供一个加密,解密的语句,简洁方便实用,先看到效果,至于加密的原理其他的网页上做了很多说明,这里只演示效果。% s) z( s/ f  h/ p% G1 h
  加密前的connectionStrings节点
* c2 h3 n! M: Z+ }# @0 t: V  代码0 V, s! h7 n/ N
  <connectionStrings>  a, S7 |1 a. E# P
  <add name="SQLConnString1" connectionString="server=WJW-PC\SQL2008;user id=sa;password=12345;Initial Catalog=dbFASH;min pool size=4;max pool size=400;" />( B6 w" F. \/ _1 n' @  a, ~9 ~6 b+ \8 }& D
  <add name="eziyaConnectionString1" connectionString="Data Source=HOME-COMPUTER;Initial Catalog=dbFASH;Integrated Security=True;MultipleActiveResultSets=Falseacket Size=4096;Application Name=&quot;Microsoft SQL Server Management Studio&quot;"' ]" {' F: \2 y7 W9 G" {
  providerName="System.Data.SqlClient" />; b2 W. }7 |2 {1 E. v
  <add name="eziyaConnectionString2" connectionString="Data Source=192.168.1.200;Initial Catalog=dbFASHersist Security Info=True;User ID=taoka;MultipleActiveResultSets=Falseacket Size=4096;Application Name=&quot;Microsoft SQL Server Management Studio&quot;"
- z, Q6 Y* D8 S5 P1 V. S  providerName="System.Data.SqlClient" />$ }5 M8 }% @2 Y4 }/ _) N
  <add name="eziyaConnectionString3" connectionString="Data Source=192.168.61.160;Initial Catalog=dbFASHersist Security Info=True;User ID=sa;MultipleActiveResultSets=Falseacket Size=4096;Application Name=&quot;Microsoft SQL Server Management Studio&quot;"
# S8 M) @( H, n$ }4 B* J/ j  providerName="System.Data.SqlClient" />/ T& z# k7 T, G  G! r0 e& w
  </connectionStrings>
. j( }- [# p! C" @  加密后的connectionStrings的节点, R! ]+ Y, K$ t7 h, p4 b% L
  代码' I: g0 e/ Z* B9 P/ t& ~$ {$ |
  <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
# q, O$ s8 u) d( m5 n* r  <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"' w: A# T* |+ e! N: a: [. l
  xmlns="http://www.w3.org/2001/04/xmlenc#"&gt;
* {2 S0 T8 v0 }0 g& q) w7 e  <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />* G3 L0 p! |! m2 W2 t
  <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"&gt;
& `. x. ]/ w, C2 h2 \  <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#"&gt;, y. f, D' k4 s' _/ w$ N# {; h
  <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
- q" L/ x% U( N9 h4 v* ~  ]  <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"&gt;
9 k6 e, V9 L# x; G  <KeyName>Rsa Key</KeyName>
$ t+ h# I8 {3 W+ ]  </KeyInfo>$ O" E* @& e0 m: n& x
  <CipherData>
% [3 V" A- v3 M8 O% A# a! j( [  <CipherValue>FOkydQFNniZvq71ua4XapuVCUrJFOARkXeqqwyKFoP+NGXGewehxYW0zTzIn/j+YCvH/r6ABoE/AfWMMEDyr81R1mhi4ckXbiJ2BvW612/W7f7Wkqj+FDwse+lgAISHZ5HfspaY1LBvKYAu1VEm6Iu6NlT35TPnjxFf+p5Apf0E=</CipherValue>" F% v; R& e6 E0 x$ C
  </CipherData>( G* G. x$ w* v
  </EncryptedKey>
5 K% J/ y9 k0 O' m0 F! b, u  </KeyInfo>4 J9 R: b3 A! ]
  <CipherData>
. c& n: V2 w+ X6 A7 M  <CipherValue>s3PKarSQ/tlnG5YcE/z/KLbnSLljw/nOj+aoafGD9eJRlZ092f5Ywx9IDRaKMqNQ6+OM3f0WOh57evnWqL8tjULwNHviMAP3RU/5CTCGfZ/k0u+jWAGYYuOxlT6/iKsMbceBGh5jmcwIG+d3itc+h+Qq5B3g8Jjbt8Y+IulmOYWEnp2xwC+Sm/IX8vjiT7jlAqUeikNYXCEcakv8GmuA0DvWBX2tuR0Iyjv8fPcyo//eRDIqKKQB22F2ikbT0/42qmgBfOCoC3M4IMRLS7rVpEUu6JYNuoXPtvaKZhQZxNmE3zIlVPyBbPOd4VatPDCWWO9VivTbMMV+ekEDhohHbeFGHBlSi75FSXCMEz1O53gbg1LDC5nJvZUAU2+suQeEoumoMEYkH27J+p5H2xCOivPnQuPx+xRFT9btNWm/P8wpw7FUdxwqRh6JJbUYnpKc5unC76OXhAAYK+5cp+oISOyMMkFYvzCstKpYYYwQ/xW/v9Kx4XgmRKRht6lgBdbiTJhVTTzWwybVx1laOrvIYL5UR3XuqdVhH8rQYx2M3acTh5zvUKmeha6DsOVngWzm0NQ6jX3pQHOP43hZddg6di6lTNdhRRnSxaYcDVhB+n9scjHtGqAXCTJw9agz2En2P9hSZnzMbaS9Qdq9MoJK3h7plJWwIyPhPktA4qXYQCBVDV+aPLyPrBjsVddfnO/yJixaO2alcH8UuTPrACzzHRKn0YwtQFHt/I4/Vb7vsX2VoaFc0BrMxzYe6z/klVope9h6uOUReSbA5E7AGNPh8OaUW8GqzFY/5/N46gofk7g/W/Egz2o9YFGUbWQduh3VK2jF0xy/cbwE0qm7tI8mmlyUnGBfy7GuHK7YM32C4g3ZUsOv38kZoiHMjjHuzfS1lMPwTS6FPBS71UN8mdK58pakcZB2rqq3ysDPkgYvGs+E98j8v9P58rEXPW99uipSRvQeQXflp7DElEuqxVh29NuxJBkOaUaR1qPd2wepRH51MS6b3RlsTpGFEEBOw4/sNt90hzaSWeydleag9mo6803wC5DDp5hJAFBJH4+jiJwfKVzKFp133OfFoGy5ea8T6RruIVMiQRWCH/zCh3FuhkOwUcc25tPfeIZgAgFlmrzCg0E4pfIfHoni//x12kuwXYefJ5IUk6BizOPP2zul831o+Irx8MfWR8n64ZAHZvKfa6BXksN+0HLAsBsPzLRrppHyFMqIBuNe1iWxBM+j3PQUeN+oXJog79YoFxdd4cf1+jMZn0+ee7aOvEu4WGv3WT25FFiYLdO99uzXOPn7UTolUqmkYlYelgh5n5QmFd4WsqOt4oYE5CFadI/n/MsLpVJmJTzA+8CAD26cpuOmloyHzsEpqUWZb5lAO9jfDVu9F6SznBr0iaCkko5jw2kZw4tqRx2B+9eUNPTQGRPRVgc5stAFVf13w974sRrwCvGRSq0U/71cBSE8KSLOj/aGf2p4UBSUPRk=</CipherValue>
/ h, c; _- x/ i: @0 M$ j  </CipherData>
' o% k- v, Q# f$ X; B- W2 F  </EncryptedData>5 t: u% J" Y8 z2 b5 k$ Y- Y0 [
  </connectionStrings>5 G. w; |" ~- x' R! X% S- u, _6 o- g
  完全看不到连接的信息!
9 ?3 y, h7 _1 j/ @4 N  下面是两个.bat批处理文件" ?5 b' ^4 E9 K/ e( [! A
  加密:
: E4 a* x7 k: e) W% c  @echo off
. A8 ]# i7 Z6 Q! W3 M$ N  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe -pef "connectionStrings" "E:\code\proj\Web"  l- M) S: p4 T- h9 o( G; \7 z
  解密:" v1 F9 L* d8 n+ J
  @echo off4 M5 h2 W9 U) X9 ~% J( K# R- W
  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe -pdf "connectionStrings" "E:\code\proj\Web". O# x5 |  s6 o- K
  PAUSE
: L5 _2 Z' `3 r0 A/ M" E: N  直接将语句拷贝到.BAT文件中,E:\code\proj\Web为相应的web.config所在的路径,只能在一台电脑上操作,否则不可逆
作者: Anthony~    时间: 2013-8-5 19:31
好方法。我正好刚遇到这个问题



欢迎光临 中国网络渗透测试联盟 (https://cobjon.com/) Powered by Discuz! X3.2