堆栈内存溢出
  简体   繁体   English

如何使用Salt和Hash在c#中解密密码?

[英]How to Decrypt Password in c# using Salt and Hash.?

 原文  2017-04-19 06:14:24       c#/ cryptography/ passwords

问题描述

How to Decrypt Password in c# using Salt and Hash.? 如何使用Salt和Hash在c#中解密密码? Salt and Hash already stored in SQL Server. Salt和Hash已存储在SQL Server中。

哈希和盐

Here is attached screenshot of Database with hash salt and Hash. 这是带有哈希盐和哈希的数据库的屏幕快照。

2 个解决方案

解决方案1
 1  2017-04-19 06:23:19

Depending on how you encrypt it, you probably can't decrypt it as Hash algorithms are generally one-way. 根据哈希的加密方式,您可能无法解密,因为哈希算法通常是单向的。

The only viable solution you have would be to bruteforce the hash and salt which by looking at it would take forever. 您拥有的唯一可行的解​​决方案是强加于哈希和盐,这些哈希和盐将永远存在。

If you know how the data is encrypted in relation to the salt then this is relatively simple, and can be done either manually or automatically. 如果您知道与盐有关的数据加密方式,则这相对简单,可以手动或自动完成。

More about it here: https://msdn.microsoft.com/en-us/library/ee783861(v=cs.20).aspx 此处的更多信息: https : //msdn.microsoft.com/zh-cn/library/ee783861(v=cs.20).aspx

解决方案2
 1 已采纳  2017-04-19 06:53:43

I'm going to assume that this table is all there is, that there is no 'password' column or table. 我将假定该表已存在,没有“密码”列或表。 In which case: 在这种情况下:

There are no passwords here to decrypt, because this table does not contain passwords. 这里没有密码可解密,因为此表不包含密码。

Here's what's going on: the user creates a password. 这是怎么回事:用户创建密码。 It's hashed (using the salt) and stored as 123ABC . 它被散列(使用盐)并存储为123ABC When they log on, they enter the password, which is then hashed (using the salt) and compared to the saved hash. 当他们登录时,他们输入密码,然后将其哈希(使用盐)并保存的哈希进行比较 If it comes out as 123ABC , fine. 如果它显示为123ABC123ABC好。

The good part is, you never save the passwords, so they can't be stolen. 好消息是,您永远不会保存密码,因此密码不会被盗。 Ever. 永远。

The bad part is that other strings will also hash to 123ABC , so someone with a table of all possible hashes (called a 'rainbow table') can get in using some other, known match. 不好的部分是其他字符串将哈希到123ABC ,因此拥有所有可能哈希表的人(称为“彩虹表”)可以使用其他已知的匹配项。 That's where the salt comes it, it makes it much harder to figure out possible matches. 那就是盐的来源,这使得找出可能的比赛变得更加困难。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在不传递密码的情况下从密码 Hash 和 Salt 获取解密密码以解密 c# - How to get Decrypted password from Password Hash and Salt without Password passing to decrypt c# 如何使用c#对密码值进行加密和散列? - How to salt and hash a password value using c#? 如何在C#中解码Salt + Hash密码? - How to decode the Salt + Hash Password in c#? 如何在C#中使用Salt进行加密/解密 - How to encrypt/decrypt using salt in C# 使用JavaScript将密码随机盐化并从C#进行验证 - Hash password with random salt using JavaScript and validate from C# C#哈希密码创建盐问题 - C# hash password create salt question 如何在C#中解密密码 - how to Decrypt password in c# c#sha256通过使用用户名作为盐计算密码哈希 - c# sha256 compute password hash by using username as salt 带有salt的MD5哈希,用于在C#中保存密码 - MD5 hash with salt for keeping password in DB in C# 在C#中使用Salt解密密码 - Decryption password using Salt in C#
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM