标题:修改代码,获取明文密码
只看楼主
theend12
Rank: 2
来 自:ASP|PHP菜鸟
等 级:论坛游民
帖 子:83
专家分:42
注 册:2009-10-8
结帖率:72%
 问题点数:0 回复次数:1 
修改代码,获取明文密码
程序代码:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using Microsoft.Security.Application;
public partial class login : System.Web.UI.Page
{
    private static readonly log4net.ILog log = log4net.LogManager.GetLogger(typeof(login));
    private Database db = new Database();
    protected void Page_Load(object sender, EventArgs e)
    {
        //验证系统是否已经关闭
        checkSys();
    }

    private void checkSys()
    {
        string sql = "select * from sysLock";
        SqlDataReader reader = db.RunProcGetReader(sql);
        if (reader.Read())
        {
            string status = reader["sysOpen"].ToString();
            if (status.Equals("0"))
            {
                Server.Transfer("error.htm", true);
                return;
            }

        }
    }
    protected void Button1_Click(object sender, EventArgs e)
    {
        log.Info("用户登录IP------" + Request.UserHostAddress);
        string code = Encoder.HtmlEncode(txtCode.Text.Trim());
        if (!code.Equals(Session["CheckCode"].ToString()))
        {
            Response.Write("<script language=javascript>alert('验证码不正确,请重新输入!');</script>");
            return;
        }
        string userNO = Encoder.HtmlEncode(txtuname.Text.Trim());
        string pwd = fun.EncryptDES(Encoder.HtmlEncode(txtupwd.Text.Trim()));
        // Console.Write("密码是:"+pwd);
        string sql = "select u.*,r.roleName,r.remark as zh_roleName from (select * from userInfo where userNO=@userNO) u left join userRole r on u.userRoleID=r.roleID";
        SqlCommand command = db.CreateCmd(sql);
        command.Parameters.Add("@userNO", SqlDbType.VarChar).Value = userNO;
        SqlDataReader reader = command.ExecuteReader();
        if (reader.Read())
        {
            if (reader["userFirstPwd"].ToString().Equals(pwd))
            {
                string loginUserNO = reader["userNO"].ToString();
                this.Session["userNO"] = loginUserNO;
                string loginUserName = reader["username"].ToString();
                this.Session["userName"] = loginUserName;
                this.Session["userId"] = reader["ID"].ToString();
                Session["realPaid"] = reader["realPaid"].ToString();
                Session["userMeal"] = reader["user_meal"].ToString();
                Session["refereeNO"] = reader["refereeNO"].ToString();
                Session["zh_roleName"] = reader["zh_roleName"].ToString();
                string uRole = reader["userRoleID"].ToString();
                //if (uRole.Equals("05"))
                //{
                //    Session["zh_roleName"] = "服务中心";
                //}
                Session["userRoleID"] = uRole;
                Session["roleName"] = reader["roleName"].ToString();
                string activation = reader["activation"].ToString();
                Session["activation"] = activation;
                Session["userSecondPwd"] = fun.DecryptDES(reader["userSecondPwd"].ToString());
                Session["web_urls"] = reader["web_urls"].ToString();
                Session["userScore"] = reader["userScore"].ToString();
                reader.Close();
                if (!activation.Equals("1"))
                {
                    this.Page.ClientScript.RegisterStartupScript(base.GetType(), "Ok", "alert('该用户已被锁定,不能登录!');", true);
                    return;
                }
                updateUserLoginInfo(loginUserNO, loginUserName, Request.UserHostAddress);
                Response.Redirect("hy/user_main.htm");
            }
            else
            {
                this.Page.ClientScript.RegisterStartupScript(base.GetType(), "Ok", "alert('密码错误!');", true);
            }
            reader.Close();
        }
        else
        {
            this.Page.ClientScript.RegisterStartupScript(base.GetType(), "Ok", "alert('不存在此用户或此用户还未通过审核!');", true);
        }
        reader.Close();
        this.db.Dispose();

    }
    //插入用户登录表
    private void updateUserLoginInfo(string loginUserNO, string loginUserName, string loginIP)
    {
        string loginAddr = loginIP;
        try
        {
            loginAddr = Utility.GetAddressByIp(loginIP);
        }
        catch (Exception ex)
        {
            log.Error("根据IP获得物理地址出现异常--->" + ex.Message);
            loginAddr = "获取物理地址出现异常";
        }
        string sql_updateLoginInfo = "INSERT INTO [userLoginInfo]([userNO],[userName],[userIP],[userMAC],[userDNS],[loginTime],[remark]) VALUES('" + loginUserNO + "' ,'" + loginUserName + "','" + loginIP + "','','' ,getdate(),'" + loginAddr + "')";
        try
        {
            this.db.RunNonQurey(sql_updateLoginInfo);
        }
        catch (Exception ex)
        {
            log.Error("插入用户登录信息出现异常--->" + ex.Message);
            this.Page.ClientScript.RegisterStartupScript(base.GetType(), "Ok", "alert('登录出现异常,请重试!');", true);
        }
    }
}


string pwd = fun.EncryptDES(Encoder.HtmlEncode(txtupwd.Text.Trim()));

密码经过加密了,如何获取明文密码,并在登陆成功时输出用户名---密码,保存到当前目录下的文本文档里
搜索更多相关主题的帖子: 密码 
2014-09-19 18:43
yms123
Rank: 20Rank: 20Rank: 20Rank: 20Rank: 20
等 级:版主
威 望:209
帖 子:12488
专家分:19042
注 册:2004-7-17
得分:0 
string pwd = fun.EncryptDES(Encoder.HtmlEncode(txtupwd.Text.Trim()));
既然加密了明显这个txtupwd.Text是个文本框,直接获取这个明文不就OK了?
2014-10-27 09:20



参与讨论请移步原网站贴子:https://bbs.bccn.net/thread-436310-1-1.html




关于我们 | 广告合作 | 编程中国 | 清除Cookies | TOP | 手机版

编程中国 版权所有,并保留所有权利。
Powered by Discuz, Processed in 0.102034 second(s), 7 queries.
Copyright©2004-2025, BCCN.NET, All Rights Reserved