Using Python to authenticate against raw username, hash, salt in DB created by ASP.NET roles/membership

时光说笑 2021-02-04 18:13

We have a current application where user login credentials are stored in a SQL Server DB. These are, basically, stored as a plain text username, a password hash, and an associa

2 Answers
  • 2021-02-04 18:51

    It appears Python is inserting a byte order marker when you convert a UTF16 string to binary. The .NET byte array contains no BOM, so I did some ghetto Python that turns the UTF16 into hex, removes the first 4 characters, then decodes it to binary.

    There may be a better way to rip out the BOM, but this works for me!

    Here's one that passes:

    import hashlib
    from base64 import b64decode, b64encode
    from binascii import hexlify, unhexlify
    
    def utf16tobin(s):
        # Hex-encode, drop the first 4 hex characters (the 2-byte BOM), decode back to bytes
        return unhexlify(hexlify(s)[4:])
    
    b64salt = "kDP0Py2QwEdJYtUX9cJABg=="
    b64hash = "OJF6H4KdxFLgLu+oTDNFodCEfMA="
    binsalt = b64decode(b64salt)
    password_string = 'password'.encode("utf16")
    password_string = utf16tobin(password_string)
    
    m1 = hashlib.sha1()
    # Pass in salt followed by password
    m1.update(binsalt + password_string)
    # B64 encode the binary digest (b64encode returns bytes on Python 3)
    computed = b64encode(m1.digest()).decode("ascii")
    if computed == b64hash:
        print("Logged in!")
    else:
        print("Didn't match")
        print(b64hash)
        print(computed)
    
  • 2021-02-04 18:53

    Two thoughts as to what could be going wrong.

    First, the code from the reflection has three paths:

    • If passwordFormat is 0 it returns the password as is.
    • If passwordFormat is 1 it creates the hash as your Python code does.
    • If passwordFormat is anything other than 0 or 1 it calls this.EncryptPassword()

    How do you know you are hashing the password, and not encrypting the password with this.EncryptPassword()? You may need to reverse the EncryptPassword() member function and replicate that. That is, unless you have some information which ensures that you are hashing the password and not encrypting it.

    Second, if it is indeed hashing the password, you may want to see what the Encoding.Unicode.GetBytes() function returns for the string "password", as you may be getting something back like:

    0x00 0x70 0x00 0x61 0x00 0x73 0x00 0x73 0x00 0x77 0x00 0x6F 0x00 0x72 0x00 0x64
    

    instead of:

    0x70 0x61 0x73 0x73 0x77 0x6F 0x72 0x64
    

    I hope this helps.

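An added example, not code from either answer: a Python 3 verifier for the three passwordFormat paths listed above. It encodes the password as `utf-16-le` (the BOM-free byte layout that .NET's `Encoding.Unicode.GetBytes()` produces), so no BOM has to be stripped, and it compares in constant time. The names `encode_password` and `verify_password` are hypothetical.

```python
import hashlib
import hmac
from base64 import b64decode, b64encode

# passwordFormat values as described in the second answer
CLEAR, HASHED = 0, 1


def encode_password(password: str, b64salt: str) -> str:
    """Base64(SHA1(salt || UTF-16LE(password))): the hashed path (format 1)."""
    salt = b64decode(b64salt, validate=True)
    # 'utf-16-le' emits two bytes per BMP character, low byte first, and no BOM.
    pw_bytes = password.encode("utf-16-le")
    return b64encode(hashlib.sha1(salt + pw_bytes).digest()).decode("ascii")


def verify_password(candidate: str, stored: str, b64salt: str,
                    password_format: int = HASHED) -> bool:
    """Return True if candidate matches the stored credential column."""
    if password_format == CLEAR:
        expected = candidate
    elif password_format == HASHED:
        expected = encode_password(candidate, b64salt)
    else:
        # Any other format is the EncryptPassword() path, which needs the
        # site's key material; refuse instead of silently comparing hashes.
        raise NotImplementedError("encrypted passwordFormat is not handled")
    # Constant-time comparison so timing does not leak how much matched.
    return hmac.compare_digest(expected.encode("utf-8"), stored.encode("utf-8"))


if __name__ == "__main__":
    # Salt and hash quoted in the first answer, candidate password "password".
    salt = "kDP0Py2QwEdJYtUX9cJABg=="
    stored = "OJF6H4KdxFLgLu+oTDNFodCEfMA="
    print("match" if verify_password("password", stored, salt) else "no match")
```

A single round of salted SHA-1 is cheap to brute-force offline, so a successful login is a good moment to re-hash the password with a modern KDF and store that instead.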