20,359
社区成员
发帖
与我相关
我的任务
分享c#如何解密DZ7.0的cookie??
有没做过的朋友能帮忙一下。
1 我通过检测工具取得cookie为:
2 用网上找的一个代码decoe,但是得出来的是乱码
1 我通过检测工具取得cookie为:
2 用网上找的一个代码decoe,但是得出来的是乱码
//从浏览器取得的cookie值
string hash = "56abivY+U+EAcg1Znn6dDpsgdWchmmsZ3nd5C3dpSU+scsv58Csb3EMS1rcfqJcSN331v9BFCSoHTTGYFyM1BWE";
//当前站点的auth key
string key = "s5ocKaq006N8i3F8p2J8X9sdWal8r7Ifpd45u3J6weDf00t0C1DeK8ab11F7v0f4";
//PS 我不是很确定这个key应该从哪个文件取。
string[] s2 = DiscuzDecode2(hash,key);
string b2 = s2.ToString();
public string[] DiscuzDecode2(string hash, string authkey) //这里是Discuz论坛的随机加密字串
{
//Discuz Cookies的相应解密算法,C#版
string[] userinfo = new string[3];
string Result = "";
string discuz_auth_key = FormsAuthentication.HashPasswordForStoringInConfigFile((authkey + System.Web.HttpContext.Current.Request.UserAgent), "MD5").ToLower();
string key = FormsAuthentication.HashPasswordForStoringInConfigFile(discuz_auth_key, "MD5").ToLower();
int key_length = key.Length;
hash = (hash.Length % 4 == 0) ? hash : hash + "====".Substring(0, 4 - hash.Length % 4);
byte[] byteHash = Convert.FromBase64String(hash);
int byteHash_length = byteHash.Length;
byte[] rndkey = new byte[256];
byte[] box = new byte[256];
byte SwapTmp;
for (int i = 0; i <= 255; i++)
{
rndkey[i] = (byte)(key[i % key_length]);
box[i] = (byte)i;
}
for (int j = 0, i = 0; i < 256; i++)
{
j = (j + box[i] + rndkey[i]) % 256;
SwapTmp = box[i];
box[i] = box[j];
box[j] = SwapTmp;
}
for (int a = 0, j = 0, i = 0; i < byteHash_length; i++)
{
a = (byte)((a + 1) % 256);
j = (byte)((j + box[a]) % 256);
SwapTmp = box[a];
box[a] = box[j];
box[j] = SwapTmp;
byteHash[i] = (byte)((byteHash[i]) ^ (box[(box[a] + box[j]) % 256]));
}
Result = System.Text.Encoding.Default.GetString(byteHash);
userinfo = Result.Split('\t');
//userinfo[0]为md5加密后的字串
//userinfo[1]为安全问答
//userinfo[2]为用户在bbs中的uid
return userinfo;
}
...全文
请发表友善的回复…
发表回复
TopFans 2009-08-04
- 打赏
- 举报
发一些代码, 麻烦大家帮忙看看啊
PHP代码
//调用开始, 这个到数组里面就是解密好的数据了。
ist($discuz_pw, $discuz_secques, $discuz_uid) =daddslashes(explode("\t", authcode($_DCOOKIE['auth'], 'DECODE')), 1);
function authcode($string, $operation = 'DECODE', $key = '', $expiry = 0) {
$ckey_length = 4;
$key = md5($key ? $key : 'ab99e12385c8221aeeae9ea9db8f85d5';);//这个key写死 和下面c#的函数一样
$keya = md5(substr($key, 0, 16));
$keyb = md5(substr($key, 16, 16));
$keyc = $ckey_length ? ($operation == 'DECODE' ? substr($string, 0, $ckey_length): substr(md5(microtime()),
-$ckey_length)) : '';
$cryptkey = $keya.md5($keya.$keyc);
$key_length = strlen($cryptkey);
$string = $operation == 'DECODE' ? base64_decode(substr($string, $ckey_length)) : sprintf('%010d', $expiry ? $expiry
+ time() : 0).substr(md5($string.$keyb), 0, 16).$string;
$string_length = strlen($string);
$result = '';
$box = range(0, 255);
$rndkey = array();
for($i = 0; $i <= 255; $i++) {
$rndkey[$i] = ord($cryptkey[$i % $key_length]);
}
for($j = $i = 0; $i < 256; $i++) {
$j = ($j + $box[$i] + $rndkey[$i]) % 256;
$tmp = $box[$i];
$box[$i] = $box[$j];
$box[$j] = $tmp;
}
for($a = $j = $i = 0; $i < $string_length; $i++) {
$a = ($a + 1) % 256;
$j = ($j + $box[$a]) % 256;
$tmp = $box[$a];
$box[$a] = $box[$j];
$box[$j] = $tmp;
$result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
}
if($operation == 'DECODE') {
if((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) ==
substr(md5(substr($result, 26).$keyb), 0, 16)) {
return substr($result, 26);
} else {
return '';
}
} else {
return $keyc.str_replace('=', '', base64_encode($result));
}
}
function daddslashes($string, $force = 0) {
!defined('MAGIC_QUOTES_GPC') && define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());
if(!MAGIC_QUOTES_GPC || $force) {
if(is_array($string)) {
foreach($string as $key => $val) {
$string[$key] = daddslashes($val, $force);
}
} else {
$string = addslashes($string);
}
}
return $string;
}
//C#的code
public static string[] DiscuzDecode(string hash)
{
//Discuz Cookies的相应解密算法,C#版
string[] userinfo = new string[3];
string Result = "";
//这个是写死的 不会有错。
string discuz_auth_key = "ab99e12385c8221aeeae9ea9db8f85d5";
string key =FormsAuthentication.HashPasswordForStoringInConfigFile(discuz_auth_key, "MD5").ToLower();
int key_length = key.Length;
hash = (hash.Length % 4 == 0) ? hash : hash + "====".Substring(0, 4 - hash.Length % 4);
byte[] byteHash = Convert.FromBase64String(hash);
int byteHash_length = byteHash.Length;
byte[] rndkey = new byte[256];
byte[] box = new byte[256];
byte SwapTmp;
for (int i = 0; i <= 255; i++)
{
rndkey[i] = (byte)(key[i % key_length]);
box[i] = (byte)i;
}
for (int j = 0, i = 0; i < 256; i++)
{
j = (j + box[i] + rndkey[i]) % 256;
SwapTmp = box[i];
box[i] = box[j];
box[j] = SwapTmp;
}
for (int a = 0, j = 0, i = 0; i < byteHash_length; i++)
{
a = (byte)((a + 1) % 256);
j = (byte)((j + box[a]) % 256);
SwapTmp = box[a];
box[a] = box[j];
box[j] = SwapTmp;
byteHash[i] = (byte)((byteHash[i]) ^ (box[(box[a] + box[j]) % 256]));
}
//Result = Convert.FromBase64String(Result);
Result = System.Text.Encoding.Default.GetString(byteHash);
//Result = Convert.FromBase64String(Result);
userinfo = Result.Split('\t');
//userinfo[0]为md5加密后的字串
//userinfo[1]为安全问答
//userinfo[2]为用户在bbs中的uid
return userinfo;
//我这里得到的是不是应该就是解密好的了?可是现在我得到的是乱码,而且数组的长度也不是3个。
}
残剑无弦 2009-08-03
- 打赏
- 举报
帮顶~~ 接分!~
fxs_2008 2009-08-03
- 打赏
- 举报
这个没有好办法,原样翻译吧
网上搜下看看
整合和解密时那个函数还是要用的!
网上搜下看看
整合和解密时那个函数还是要用的!
mrshelly 2009-08-03
- 打赏
- 举报
看 api 的 uc.php 把 decode 部分翻译为 c# 就行了.
