中国网络渗透测试联盟

标题: web.Config加密解密最简单实用方法 [打印本页]

作者: admin    时间: 2013-8-5 15:33
标题: web.Config加密解密最简单实用方法
web.config的文件多数的时候不希望别人看到,下面提供一个加密,解密的语句,简洁方便实用,先看到效果,至于加密的原理其他的网页上做了很多说明,这里只演示效果。
! h0 _* w$ X! }. O  加密前的connectionStrings节点
! Y; R8 F) r! d9 p% x, y/ n  代码$ w, K2 `" V2 V* ]2 B8 ]6 W
  <connectionStrings>
; }) P5 a7 |5 G  <add name="SQLConnString1" connectionString="server=WJW-PC\SQL2008;user id=sa;password=12345;Initial Catalog=dbFASH;min pool size=4;max pool size=400;" />
% @6 S  i3 a% E! e: @5 G8 j3 s) \. J  <add name="eziyaConnectionString1" connectionString="Data Source=HOME-COMPUTER;Initial Catalog=dbFASH;Integrated Security=True;MultipleActiveResultSets=Falseacket Size=4096;Application Name=&quot;Microsoft SQL Server Management Studio&quot;"
1 H1 {) M0 h8 Z, q" G5 ^8 n  providerName="System.Data.SqlClient" />
' B: C8 o3 G- V4 A3 M9 V, U( W( J  <add name="eziyaConnectionString2" connectionString="Data Source=192.168.1.200;Initial Catalog=dbFASHersist Security Info=True;User ID=taoka;MultipleActiveResultSets=Falseacket Size=4096;Application Name=&quot;Microsoft SQL Server Management Studio&quot;"
2 R2 c. X' y( d8 Q  providerName="System.Data.SqlClient" />
/ F* r- t. T9 [: d6 d3 D* e  <add name="eziyaConnectionString3" connectionString="Data Source=192.168.61.160;Initial Catalog=dbFASHersist Security Info=True;User ID=sa;MultipleActiveResultSets=Falseacket Size=4096;Application Name=&quot;Microsoft SQL Server Management Studio&quot;"2 d# X1 d' E+ }; S2 E+ J0 c
  providerName="System.Data.SqlClient" />
5 {% i- T4 S! W% S5 T; p3 ?  </connectionStrings>1 I  U; R0 k$ V- Q9 U4 K4 `
  加密后的connectionStrings的节点! p6 m+ {7 m( e- C. n
  代码8 j! N3 f$ y6 F
  <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
- n! A8 E9 N. y/ u  <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"6 i1 J# T' H2 @( l5 H
  xmlns="http://www.w3.org/2001/04/xmlenc#"&gt;
( L6 `4 s8 u; F  g+ e: Y  <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
% |2 \( S: ^, m4 ^; o  <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"&gt;# F% [- n4 D( }
  <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#"&gt;
, b  w2 H+ F, |  <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />- K3 }0 t" f; Y* h
  <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"&gt;' B! H- ?' m$ V) v1 s6 d
  <KeyName>Rsa Key</KeyName>3 G" O& A- [9 H* R( f2 b5 \: r
  </KeyInfo>$ f! ?! ]+ b) r7 l4 b2 b
  <CipherData>
5 ~2 J( U7 C0 P  <CipherValue>FOkydQFNniZvq71ua4XapuVCUrJFOARkXeqqwyKFoP+NGXGewehxYW0zTzIn/j+YCvH/r6ABoE/AfWMMEDyr81R1mhi4ckXbiJ2BvW612/W7f7Wkqj+FDwse+lgAISHZ5HfspaY1LBvKYAu1VEm6Iu6NlT35TPnjxFf+p5Apf0E=</CipherValue>
/ ]3 g% K. o7 G  </CipherData>
0 ~/ N( b: A4 C0 ?/ W8 B' z& ?  </EncryptedKey>" f5 X' i2 v% f3 h' e/ Z
  </KeyInfo>
: c  U& K7 x( V  M6 h  <CipherData>% g  @/ ?; G" |3 {7 L5 P) V" w
  <CipherValue>s3PKarSQ/tlnG5YcE/z/KLbnSLljw/nOj+aoafGD9eJRlZ092f5Ywx9IDRaKMqNQ6+OM3f0WOh57evnWqL8tjULwNHviMAP3RU/5CTCGfZ/k0u+jWAGYYuOxlT6/iKsMbceBGh5jmcwIG+d3itc+h+Qq5B3g8Jjbt8Y+IulmOYWEnp2xwC+Sm/IX8vjiT7jlAqUeikNYXCEcakv8GmuA0DvWBX2tuR0Iyjv8fPcyo//eRDIqKKQB22F2ikbT0/42qmgBfOCoC3M4IMRLS7rVpEUu6JYNuoXPtvaKZhQZxNmE3zIlVPyBbPOd4VatPDCWWO9VivTbMMV+ekEDhohHbeFGHBlSi75FSXCMEz1O53gbg1LDC5nJvZUAU2+suQeEoumoMEYkH27J+p5H2xCOivPnQuPx+xRFT9btNWm/P8wpw7FUdxwqRh6JJbUYnpKc5unC76OXhAAYK+5cp+oISOyMMkFYvzCstKpYYYwQ/xW/v9Kx4XgmRKRht6lgBdbiTJhVTTzWwybVx1laOrvIYL5UR3XuqdVhH8rQYx2M3acTh5zvUKmeha6DsOVngWzm0NQ6jX3pQHOP43hZddg6di6lTNdhRRnSxaYcDVhB+n9scjHtGqAXCTJw9agz2En2P9hSZnzMbaS9Qdq9MoJK3h7plJWwIyPhPktA4qXYQCBVDV+aPLyPrBjsVddfnO/yJixaO2alcH8UuTPrACzzHRKn0YwtQFHt/I4/Vb7vsX2VoaFc0BrMxzYe6z/klVope9h6uOUReSbA5E7AGNPh8OaUW8GqzFY/5/N46gofk7g/W/Egz2o9YFGUbWQduh3VK2jF0xy/cbwE0qm7tI8mmlyUnGBfy7GuHK7YM32C4g3ZUsOv38kZoiHMjjHuzfS1lMPwTS6FPBS71UN8mdK58pakcZB2rqq3ysDPkgYvGs+E98j8v9P58rEXPW99uipSRvQeQXflp7DElEuqxVh29NuxJBkOaUaR1qPd2wepRH51MS6b3RlsTpGFEEBOw4/sNt90hzaSWeydleag9mo6803wC5DDp5hJAFBJH4+jiJwfKVzKFp133OfFoGy5ea8T6RruIVMiQRWCH/zCh3FuhkOwUcc25tPfeIZgAgFlmrzCg0E4pfIfHoni//x12kuwXYefJ5IUk6BizOPP2zul831o+Irx8MfWR8n64ZAHZvKfa6BXksN+0HLAsBsPzLRrppHyFMqIBuNe1iWxBM+j3PQUeN+oXJog79YoFxdd4cf1+jMZn0+ee7aOvEu4WGv3WT25FFiYLdO99uzXOPn7UTolUqmkYlYelgh5n5QmFd4WsqOt4oYE5CFadI/n/MsLpVJmJTzA+8CAD26cpuOmloyHzsEpqUWZb5lAO9jfDVu9F6SznBr0iaCkko5jw2kZw4tqRx2B+9eUNPTQGRPRVgc5stAFVf13w974sRrwCvGRSq0U/71cBSE8KSLOj/aGf2p4UBSUPRk=</CipherValue>
/ R! o5 `6 n( b2 Q" \" g  </CipherData>" }8 u, y$ i$ X) Q* W1 z* d# V: H
  </EncryptedData>
9 W6 K) M- l9 m: ]" Z  </connectionStrings>) Q" @( z2 b, ]0 }  J
  完全看不到连接的信息!# G+ G  C3 ~1 V( b5 ]0 [/ V" U8 u
  下面是两个.bat批处理文件
6 z0 ?, p+ ^- L# Y" |, @  h0 x  加密:( t; ^8 \+ {$ b, I) q, \
  @echo off
; V  P* Y; P8 \: S3 H2 e1 V  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe -pef "connectionStrings" "E:\code\proj\Web"8 D0 q' `: u& ^) {& z
  解密:1 T' ~% Y" i# s3 e+ L2 `: w4 Q
  @echo off$ m# M$ ^( n+ ]% ?5 H1 o) M/ @  @/ j
  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe -pdf "connectionStrings" "E:\code\proj\Web"% ], P  H) W3 Z* I3 s2 c
  PAUSE* n( s: M5 m  ]
  直接将语句拷贝到.BAT文件中,E:\code\proj\Web为相应的web.config所在的路径,只能在一台电脑上操作,否则不可逆
作者: Anthony~    时间: 2013-8-5 19:31
好方法。我正好刚遇到这个问题




欢迎光临 中国网络渗透测试联盟 (https://www.cobjon.com/) Powered by Discuz! X3.2