
JS前台base32加密,C#后台解码

公司的系统应用后,客户那边用appscan工具检测到严重的漏洞

1.使用 SQL 注入的认证旁路 (1/2)--未对用户输入正确执行危险字符清理

2.已解密的登录请求 (2/2)----诸如用户名、密码和信用卡号之类的敏感输入字段未经加密即进行了传递

解决思路:

1. 因为密码设置时只允许输入字母和数字,所以在用户登录前用JS检查输入的内容是否符合只包含字母和数字,这样就防止了SQL的注入。

2. 被检测出来的原因是密码在后台以明文接收,容易被人获取。于是想如果在登录前用JS把它进行加密,然后再在后台解密出来,是否可解决此问题呢。

于是在网上查询到下面JS前台base32加密,C#后台解码的方法。

JS 加密方法:

var getEncodeString = function(srcString) {
    //var srcString = 'abc';
    var BASE32CHAR = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
    var i = 0;
    var index = 0;
    var digit = 0;
    var currByte;
    var nextByte;
    var retrunString = '';

    for (var i = 0; i < srcString.length; ) {
        //var          index    = 0;   
        currByte = (srcString.charCodeAt(i) >= 0) ? srcString.charCodeAt(i)
                                : (srcString.charCodeAt(i) + 256);

        if (index > 3) {
            if ((i + 1) < srcString.length) {
                nextByte = (srcString.charCodeAt(i + 1) >= 0)
                                            ? srcString.charCodeAt(i + 1)
                                            : (srcString.charCodeAt(i + 1) + 256);
            } else {
                nextByte = 0;
            }

            digit = currByte & (0xFF >> index);
            index = (index + 5) % 8;
            digit <<= index;
            digit |= (nextByte >> (8 - index));
            i++;
        } else {
            digit = (currByte >> (8 - (index + 5))) & 0x1F;
            index = (index + 5) % 8;

            if (index == 0) {
                i++;
            }
        }

        retrunString = retrunString + BASE32CHAR.charAt(digit);
    }
    return retrunString.toLowerCase();
}

 

JS调用代码:

// True iff str is a non-empty run of ASCII letters and digits; the empty string is rejected.
        function isalphanumber(str) {
            // String.prototype.match yields null when the anchored pattern does not match.
            return str.match(/^[a-zA-Z0-9]+$/) !== null;
        }

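        /**
         * Validates the password field and replaces its value with its Base32
         * encoding before the form is submitted.
         *
         * Security note: Base32 is a reversible encoding, not encryption. The encoded
         * value can be decoded by anyone who observes the request, and a browser-side
         * character check is not a server-side control, so the server must still use
         * parameterized queries and the connection must use TLS.
         *
         * @returns {boolean} false (after clearing and focusing the field) when the
         *   value is not purely alphanumeric; true once the field has been encoded
         */
        function CheckAndEncode() {
            var pwd = document.getElementById('txtPwd');
            if (!isalphanumber(pwd.value)) {
                alert("密码只能输入字母和数字!");
                pwd.value = "";
                pwd.focus();
                return false;
            }
            // The guard above guarantees ASCII letters/digits only, for which the
            // deprecated escape() was a no-op, so it is no longer called.
            pwd.value = getEncodeString(pwd.value);
            return true;
        }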

 

后台转码代码:

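/// <summary>
        /// Decodes unpadded, case-insensitive Base32 (RFC 4648 alphabet A-Z, 2-7) back
        /// into text, mapping each decoded byte (0-255) onto one char.
        /// Base32 is a reversible encoding, not encryption: the value arriving here is
        /// exactly as exposed in transit as a clear-text password, so this does not
        /// replace TLS, and the result must still only reach SQL via parameters.
        /// </summary>
        /// <param name="encodeString">Base32 text as produced by the JS getEncodeString.
        /// Characters outside the alphabet (including '=' padding) are skipped.</param>
        /// <returns>The decoded bytes as a string of chars with values 0-255; "" for "".</returns>
        /// <exception cref="ArgumentNullException">encodeString is null.</exception>
        private string getDecodeString(string encodeString)
        {
            if (encodeString == null)
            {
                throw new ArgumentNullException("encodeString");
            }
            const string BASE32CHAR = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
            // ToUpperInvariant: the culture-sensitive ToUpper() maps 'i' outside the
            // alphabet under some cultures, which would silently drop symbols.
            string upper = encodeString.ToUpperInvariant();
            var result = new StringBuilder(upper.Length * 5 / 8);
            int buffer = 0;   // pending bits, newest symbol in the low 5 bits
            int bitCount = 0; // number of valid bits in buffer (always < 13)
            foreach (char c in upper)
            {
                int digit = BASE32CHAR.IndexOf(c);
                if (digit < 0)
                {
                    // Not in the alphabet ('=' padding, whitespace, ...): skip as before.
                    // Output length now follows the number of valid symbols, so padding
                    // no longer yields trailing '\0' chars.
                    continue;
                }
                buffer = ((buffer << 5) | digit) & 0xFFFF;
                bitCount += 5;
                if (bitCount >= 8)
                {
                    bitCount -= 8;
                    result.Append((char)((buffer >> bitCount) & 0xFF));
                }
            }
            // Fewer than 8 leftover bits are the encoder's zero fill and are dropped.
            return result.ToString();
        }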

后台调用转码获取明文:

// Decode the Base32 text the browser placed in the password field back into the
// plaintext the user typed; from here on it must be handled like a clear-text password.
string pwd = getDecodeString(txtPwd.Text.Trim());

 

 可是等我做完以上改动之后,再用IBM AppScan检测,漏洞依然没减少,郁闷啊……我的一天。原因在于:上面的JS检查只在浏览器端生效,请求并不一定经过页面,所以防SQL注入必须在服务端用参数化查询完成;而Base32只是可逆的编码,不是加密,看到请求的人照样能还原出密码,敏感字段要通过HTTPS(TLS)传输才算真正加密。

 

本文主要内容转载自 http://wwwluo.blog.163.com/blog/static/6129023120110710427826/

 
