一个关于。NET安全性问题,大家一定看!!!
这段代码是 IssueVision 里加密的代码
使用反编译软件后 Reflector后(代码如下)
public sealed class DataProtection
{
// Methods
private DataProtection();
public static string Encrypt(string data, Store store);
public static string Decrypt(string data, Store store);
private static void SetBlobData(ref Win32.DATA_BLOB blob, byte[] bits);
private static byte[] GetBlobData(ref Win32.DATA_BLOB blob);
// Nested Types
public enum Store
{
// Fields
Machine = 0,
User = 1
}
private class Consts
{
// Methods
static Consts();
public Consts();
// Fields
public static readonly byte[] EntropyData;
}
private class Win32
{
// Methods
[DllImport("crypt32", CharSet=CharSet.Auto)]
public static extern bool CryptProtectData(ref DATA_BLOB pDataIn, string szDataDescr, ref DATA_BLOB pOptionalEntropy, IntPtr pvReserved, IntPtr pPromptStruct, int dwFlags, ref DATA_BLOB pDataOut);
[DllImport("crypt32", CharSet=CharSet.Auto)]
public static extern bool CryptUnprotectData(ref DATA_BLOB pDataIn, StringBuilder szDataDescr, ref DATA_BLOB pOptionalEntropy, IntPtr pvReserved, IntPtr pPromptStruct, int dwFlags, ref DATA_BLOB pDataOut);
[DllImport("kernel32")]
public static extern IntPtr LocalFree(IntPtr hMem);
public Win32();
// Fields
public const int CRYPTPROTECT_UI_FORBIDDEN = 1;
public const int CRYPTPROTECT_LOCAL_MACHINE = 4;
// Nested Types
[StructLayout(LayoutKind.Sequential)]
public struct DATA_BLOB
{
public int cbData;
public IntPtr pbData;
}
}
}
public static string Encrypt(string data, DataProtection.Store store)
{
string text1 = "";
DataProtection.Win32.DATA_BLOB data_blob1 = new DataProtection.Win32.DATA_BLOB();
DataProtection.Win32.DATA_BLOB data_blob2 = new DataProtection.Win32.DATA_BLOB();
DataProtection.Win32.DATA_BLOB data_blob3 = new DataProtection.Win32.DATA_BLOB();
try
{
int num1 = 1 | ((store == DataProtection.Store.Machine) ? 4 : 0);
DataProtection.SetBlobData(ref data_blob1, Encoding.ASCII.GetBytes(data));
DataProtection.SetBlobData(ref data_blob2, DataProtection.Consts.EntropyData);
if (DataProtection.Win32.CryptProtectData(ref data_blob1, "", ref data_blob2, IntPtr.Zero, IntPtr.Zero, num1, ref data_blob3))
{
byte[] buffer1 = DataProtection.GetBlobData(ref data_blob3);
if (buffer1 == null)
{
return text1;
}
text1 = Convert.ToBase64String(buffer1);
}
}
catch
{
}
finally
{
if (data_blob1.pbData.ToInt32() != 0)
{
Marshal.FreeHGlobal(data_blob1.pbData);
}
if (data_blob2.pbData.ToInt32() != 0)
{
Marshal.FreeHGlobal(data_blob2.pbData);
}
}
return text1;
}
public static string Decrypt(string data, DataProtection.Store store)
{
string text1 = "";
DataProtection.Win32.DATA_BLOB data_blob1 = new DataProtection.Win32.DATA_BLOB();
DataProtection.Win32.DATA_BLOB data_blob2 = new DataProtection.Win32.DATA_BLOB();
DataProtection.Win32.DATA_BLOB data_blob3 = new DataProtection.Win32.DATA_BLOB();
try
{
int num1 = 1 | ((store == DataProtection.Store.Machine) ? 4 : 0);
byte[] buffer1 = Convert.FromBase64String(data);
DataProtection.SetBlobData(ref data_blob1, buffer1);
DataProtection.SetBlobData(ref data_blob2, DataProtection.Consts.EntropyData);
if (DataProtection.Win32.CryptUnprotectData(ref data_blob1, null, ref data_blob2, IntPtr.Zero, IntPtr.Zero, num1, ref data_blob3))
{
byte[] buffer2 = DataProtection.GetBlobData(ref data_blob3);
if (buffer2 == null)
{
return text1;
}
text1 = Encoding.ASCII.GetString(buffer2);
}
}
catch
{
}
finally
{
if (data_blob1.pbData.ToInt32() != 0)
{
Marshal.FreeHGlobal(data_blob1.pbData);
}
if (data_blob2.pbData.ToInt32() != 0)
{
Marshal.FreeHGlobal(data_blob2.pbData);
}
}
return text1;
}
加密算法全看到了
只是看不到
private class Consts
{
// specify an entropy so other DPAPI applications can't see the data
public readonly static byte[] EntropyData = ASCIIEncoding.ASCII.GetBytes("B0D125B7-967E-4f94-9305-A6F9AF56A19A");
}里的 EntropyData (密钥)数据,其他的代码都能看到了,破译还没成功
接着用Remotesoft .NET Explorer Evaluation软件(http://www.remotesoft.com/salamander/obfuscator/download.html)
反编译后
.class nested private auto ansi beforefieldinit Consts
extends [mscorlib]System.Object
{
.field public static initonly unsigned int8[] EntropyData
.method private hidebysig specialname rtspecialname static void .cctor() cil managed
{
.maxstack 2
IL_0000: call class [mscorlib]System.Text.Encoding [mscorlib]System.Text.Encoding::get_ASCII()
IL_0005: ldstr "B0D125B7-967E-4f94-9305-A6F9AF56A19A"
IL_000a: callvirt instance unsigned int8[] [mscorlib]System.Text.Encoding::GetBytes(string)
IL_000f: stsfld unsigned int8[] SMIS.Class.DataProtection/Consts::EntropyData
IL_0014: ret
}
.method public hidebysig specialname rtspecialname instance void .ctor() cil managed
{
.maxstack 1
IL_0000: ldarg.0
IL_0001: call instance void [mscorlib]System.Object::.ctor()
IL_0006: ret
}
}
KEY也出来了(B0D125B7-967E-4f94-9305-A6F9AF56A19A);
破解完全成功
这样下去还谈什么安全问题啊?????????????
1// Uses the Data Protection API (DPAPI) to encrypt and decrypt secrets
2// based on the logged in user or local machine.
3
4using System;
5using System.Runtime.InteropServices;
6using System.Security;
7using System.Text;
8
9namespace IssueVision
10{
11 public sealed class DataProtection
12 {
13 // use local machine or user to encrypt and decrypt the data
14 public enum Store
15 {
16 Machine,
17 User
18 }
19
20 // const values
21 private class Consts
22 {
23 // specify an entropy so other DPAPI applications can't see the data
24 public readonly static byte[] EntropyData = ASCIIEncoding.ASCII.GetBytes("B0D125B7-967E-4f94-9305-A6F9AF56A19A");
25 }
26
27 // static class
28 private DataProtection()
29 {
30 }
31
32 // public methods
33
34 // encrypt the data using DPAPI, returns a base64-encoded encrypted string
35 public static string Encrypt(string data, Store store)//加密
36 {
37 // holds the result string
38 string result = "";
39
40 // blobs used in the CryptProtectData call
41 Win32.DATA_BLOB inBlob = new Win32.DATA_BLOB();
42 Win32.DATA_BLOB entropyBlob = new Win32.DATA_BLOB();
43 Win32.DATA_BLOB outBlob = new Win32.DATA_BLOB();
44
45 try
46 {
47 // setup flags passed to the CryptProtectData call
48 int flags = Win32.CRYPTPROTECT_UI_FORBIDDEN |
49 (int)((store == Store.Machine) ? Win32.CRYPTPROTECT_LOCAL_MACHINE : 0);
50
51 // setup input blobs, the data to be encrypted and entropy blob
52 SetBlobData(ref inBlob, ASCIIEncoding.ASCII.GetBytes(data));
53 SetBlobData(ref entropyBlob, Consts.EntropyData);
54
55 // call the DPAPI function, returns true if successful and fills in the outBlob
56 if (Win32.CryptProtectData(ref inBlob, "", ref entropyBlob, IntPtr.Zero, IntPtr.Zero, flags, ref outBlob))
57 {
58 byte[] resultBits = GetBlobData(ref outBlob);
59 if (resultBits != null)
60 result = Convert.ToBase64String(resultBits);
61 }
62 }
63 catch
64 {
65 // an error occurred, return an empty string
66 }
67 finally
68 {
69 // clean up
70 if (inBlob.pbData.ToInt32() != 0)
71 Marshal.FreeHGlobal(inBlob.pbData);
72
73 if (entropyBlob.pbData.ToInt32() != 0)
74 Marshal.FreeHGlobal(entropyBlob.pbData);
75 }
76
77 return result;
78 }
79
80 // decrypt the data using DPAPI, data is a base64-encoded encrypted string
81 public static string Decrypt( string data, Store store)
82 {
83 // holds the result string
84 string result = "";
85
86 // blobs used in the CryptUnprotectData call
87 Win32.DATA_BLOB inBlob = new Win32.DATA_BLOB();
88 Win32.DATA_BLOB entropyBlob = new Win32.DATA_BLOB();
89 Win32.DATA_BLOB outBlob = new Win32.DATA_BLOB();
90
91 try
92 {
93 // setup flags passed to the CryptUnprotectData call
94 int flags = Win32.CRYPTPROTECT_UI_FORBIDDEN |
95 (int)((store == Store.Machine) ? Win32.CRYPTPROTECT_LOCAL_MACHINE : 0);
96
97 // the CryptUnprotectData works with a byte array, convert string data
98 byte[] bits = Convert.FromBase64String(data);
99
100 // setup input blobs, the data to be decrypted and entropy blob
101 SetBlobData(ref inBlob, bits);
102 SetBlobData(ref entropyBlob, Consts.EntropyData);
103
104 // call the DPAPI function, returns true if successful and fills in the outBlob
105 if (Win32.CryptUnprotectData(ref inBlob, null, ref entropyBlob, IntPtr.Zero, IntPtr.Zero, flags, ref outBlob))
106 {
107 byte[] resultBits = GetBlobData(ref outBlob);
108 if (resultBits != null)
109 result = ASCIIEncoding.ASCII.GetString(resultBits);
110 }
111 }
112 catch
113 {
114 // an error occurred, return an empty string
115 }
116 finally
117 {
118 // clean up
119 if (inBlob.pbData.ToInt32() != 0)
120 Marshal.FreeHGlobal(inBlob.pbData);
121
122 if (entropyBlob.pbData.ToInt32() != 0)
123 Marshal.FreeHGlobal(entropyBlob.pbData);
124 }
125
126 return result;
127 }
128
129
130 // internal methods
131
132 #region Data Protection API
133
134 private class Win32
135 {
136 public const int CRYPTPROTECT_UI_FORBIDDEN = 0x1;
137 public const int CRYPTPROTECT_LOCAL_MACHINE = 0x4;
138
139 [StructLayout(LayoutKind.Sequential)]
140 public struct DATA_BLOB
141 {
142 public int cbData;
143 public IntPtr pbData;
144 }
145
146 [DllImport("crypt32", CharSet=CharSet.Auto)]
147 public static extern bool CryptProtectData(ref DATA_BLOB pDataIn, string szDataDescr, ref DATA_BLOB pOptionalEntropy, IntPtr pvReserved, IntPtr pPromptStruct, int dwFlags, ref DATA_BLOB pDataOut);
148
149 [DllImport("crypt32", CharSet=CharSet.Auto)]
150 public static extern bool CryptUnprotectData(ref DATA_BLOB pDataIn, StringBuilder szDataDescr, ref DATA_BLOB pOptionalEntropy, IntPtr pvReserved, IntPtr pPromptStruct, int dwFlags, ref DATA_BLOB pDataOut);
151
152 [DllImport("kernel32")]
153 public static extern IntPtr LocalFree(IntPtr hMem);
154 }
155
156 #endregion
157
158 // helper method that fills in a DATA_BLOB, copies
159 // data from managed to unmanaged memory
160 private static void SetBlobData(ref Win32.DATA_BLOB blob, byte[] bits)
161 {
162 blob.cbData = bits.Length;
163 blob.pbData = Marshal.AllocHGlobal(bits.Length);
164 Marshal.Copy(bits, 0, blob.pbData, bits.Length);
165 }
166
167 // helper method that gets data from a DATA_BLOB,
168 // copies data from unmanaged memory to managed
169 private static byte[] GetBlobData(ref Win32.DATA_BLOB blob)
170 {
171 // return an empty string if the blob is empty
172 if (blob.pbData.ToInt32() == 0)
173 return null;
174
175 // copy information from the blob
176 byte[] data = new byte[blob.cbData];
177 Marshal.Copy(blob.pbData, data, 0, blob.cbData);
178 Win32.LocalFree(blob.pbData);
179
180 return data;
181 }
182 }
183
184}
185
// Uses the Data Protection API (DPAPI) to encrypt and decrypt secrets2
// based on the logged in user or local machine. 3
4
using System;5
using System.Runtime.InteropServices;6
using System.Security;7
using System.Text;8
9
namespace IssueVision10
{
11
public sealed class DataProtection 12
{
13
// use local machine or user to encrypt and decrypt the data14
public enum Store15
{16
Machine,17
User18
}19
20
// const values21
private class Consts 22
{23
// specify an entropy so other DPAPI applications can't see the data24
public readonly static byte[] EntropyData = ASCIIEncoding.ASCII.GetBytes("B0D125B7-967E-4f94-9305-A6F9AF56A19A");25
}26
27
// static class28
private DataProtection()29
{30
}31
32
// public methods33
34
// encrypt the data using DPAPI, returns a base64-encoded encrypted string35
public static string Encrypt(string data, Store store)//加密36
{37
// holds the result string38
string result = "";39
40
// blobs used in the CryptProtectData call41
Win32.DATA_BLOB inBlob = new Win32.DATA_BLOB();42
Win32.DATA_BLOB entropyBlob = new Win32.DATA_BLOB();43
Win32.DATA_BLOB outBlob = new Win32.DATA_BLOB();44
45
try 46
{47
// setup flags passed to the CryptProtectData call48
int flags = Win32.CRYPTPROTECT_UI_FORBIDDEN | 49
(int)((store == Store.Machine) ? Win32.CRYPTPROTECT_LOCAL_MACHINE : 0);50
51
// setup input blobs, the data to be encrypted and entropy blob52
SetBlobData(ref inBlob, ASCIIEncoding.ASCII.GetBytes(data));53
SetBlobData(ref entropyBlob, Consts.EntropyData);54
55
// call the DPAPI function, returns true if successful and fills in the outBlob56
if (Win32.CryptProtectData(ref inBlob, "", ref entropyBlob, IntPtr.Zero, IntPtr.Zero, flags, ref outBlob)) 57
{58
byte[] resultBits = GetBlobData(ref outBlob);59
if (resultBits != null) 60
result = Convert.ToBase64String(resultBits);61
}62
}63
catch64
{65
// an error occurred, return an empty string66
}67
finally 68
{69
// clean up70
if (inBlob.pbData.ToInt32() != 0) 71
Marshal.FreeHGlobal(inBlob.pbData);72
73
if (entropyBlob.pbData.ToInt32() != 0) 74
Marshal.FreeHGlobal(entropyBlob.pbData);75
}76
77
return result;78
}79
80
// decrypt the data using DPAPI, data is a base64-encoded encrypted string81
public static string Decrypt( string data, Store store) 82
{83
// holds the result string84
string result = "";85
86
// blobs used in the CryptUnprotectData call87
Win32.DATA_BLOB inBlob = new Win32.DATA_BLOB();88
Win32.DATA_BLOB entropyBlob = new Win32.DATA_BLOB();89
Win32.DATA_BLOB outBlob = new Win32.DATA_BLOB();90
91
try 92
{93
// setup flags passed to the CryptUnprotectData call94
int flags = Win32.CRYPTPROTECT_UI_FORBIDDEN |95
(int)((store == Store.Machine) ? Win32.CRYPTPROTECT_LOCAL_MACHINE : 0);96
97
// the CryptUnprotectData works with a byte array, convert string data98
byte[] bits = Convert.FromBase64String(data);99
100
// setup input blobs, the data to be decrypted and entropy blob101
SetBlobData(ref inBlob, bits);102
SetBlobData(ref entropyBlob, Consts.EntropyData);103
104
// call the DPAPI function, returns true if successful and fills in the outBlob105
if (Win32.CryptUnprotectData(ref inBlob, null, ref entropyBlob, IntPtr.Zero, IntPtr.Zero, flags, ref outBlob)) 106
{107
byte[] resultBits = GetBlobData(ref outBlob);108
if (resultBits != null) 109
result = ASCIIEncoding.ASCII.GetString(resultBits);110
}111
}112
catch 113
{114
// an error occurred, return an empty string115
}116
finally 117
{118
// clean up119
if (inBlob.pbData.ToInt32() != 0) 120
Marshal.FreeHGlobal(inBlob.pbData);121
122
if (entropyBlob.pbData.ToInt32() != 0) 123
Marshal.FreeHGlobal(entropyBlob.pbData);124
}125
126
return result;127
}128
129
130
// internal methods131
132
#region Data Protection API133
134
private class Win32 135
{136
public const int CRYPTPROTECT_UI_FORBIDDEN = 0x1;137
public const int CRYPTPROTECT_LOCAL_MACHINE = 0x4;138
139
[StructLayout(LayoutKind.Sequential)]140
public struct DATA_BLOB141
{142
public int cbData;143
public IntPtr pbData;144
}145
146
[DllImport("crypt32", CharSet=CharSet.Auto)]147
public static extern bool CryptProtectData(ref DATA_BLOB pDataIn, string szDataDescr, ref DATA_BLOB pOptionalEntropy, IntPtr pvReserved, IntPtr pPromptStruct, int dwFlags, ref DATA_BLOB pDataOut);148
149
[DllImport("crypt32", CharSet=CharSet.Auto)]150
public static extern bool CryptUnprotectData(ref DATA_BLOB pDataIn, StringBuilder szDataDescr, ref DATA_BLOB pOptionalEntropy, IntPtr pvReserved, IntPtr pPromptStruct, int dwFlags, ref DATA_BLOB pDataOut);151
152
[DllImport("kernel32")] 153
public static extern IntPtr LocalFree(IntPtr hMem);154
}155
156
#endregion157
158
// helper method that fills in a DATA_BLOB, copies 159
// data from managed to unmanaged memory160
private static void SetBlobData(ref Win32.DATA_BLOB blob, byte[] bits) 161
{162
blob.cbData = bits.Length;163
blob.pbData = Marshal.AllocHGlobal(bits.Length);164
Marshal.Copy(bits, 0, blob.pbData, bits.Length);165
}166
167
// helper method that gets data from a DATA_BLOB, 168
// copies data from unmanaged memory to managed169
private static byte[] GetBlobData(ref Win32.DATA_BLOB blob) 170
{171
// return an empty string if the blob is empty172
if (blob.pbData.ToInt32() == 0) 173
return null;174
175
// copy information from the blob176
byte[] data = new byte[blob.cbData];177
Marshal.Copy(blob.pbData, data, 0, blob.cbData);178
Win32.LocalFree(blob.pbData);179
180
return data;181
}182
}183
184
}185
使用反编译软件后 Reflector后(代码如下)
public sealed class DataProtection{ // Methods private DataProtection(); public static string Encrypt(string data, Store store); public static string Decrypt(string data, Store store); private static void SetBlobData(ref Win32.DATA_BLOB blob, byte[] bits); private static byte[] GetBlobData(ref Win32.DATA_BLOB blob); // Nested Types public enum Store { // Fields Machine = 0, User = 1 } private class Consts { // Methods static Consts(); public Consts(); // Fields public static readonly byte[] EntropyData; } private class Win32 { // Methods [DllImport("crypt32", CharSet=CharSet.Auto)] public static extern bool CryptProtectData(ref DATA_BLOB pDataIn, string szDataDescr, ref DATA_BLOB pOptionalEntropy, IntPtr pvReserved, IntPtr pPromptStruct, int dwFlags, ref DATA_BLOB pDataOut); [DllImport("crypt32", CharSet=CharSet.Auto)] public static extern bool CryptUnprotectData(ref DATA_BLOB pDataIn, StringBuilder szDataDescr, ref DATA_BLOB pOptionalEntropy, IntPtr pvReserved, IntPtr pPromptStruct, int dwFlags, ref DATA_BLOB pDataOut); [DllImport("kernel32")] public static extern IntPtr LocalFree(IntPtr hMem); public Win32(); // Fields public const int CRYPTPROTECT_UI_FORBIDDEN = 1; public const int CRYPTPROTECT_LOCAL_MACHINE = 4; // Nested Types [StructLayout(LayoutKind.Sequential)] public struct DATA_BLOB { public int cbData; public IntPtr pbData; } }}public static string Encrypt(string data, DataProtection.Store store){ string text1 = ""; DataProtection.Win32.DATA_BLOB data_blob1 = new DataProtection.Win32.DATA_BLOB(); DataProtection.Win32.DATA_BLOB data_blob2 = new DataProtection.Win32.DATA_BLOB(); DataProtection.Win32.DATA_BLOB data_blob3 = new DataProtection.Win32.DATA_BLOB(); try { int num1 = 1 | ((store == DataProtection.Store.Machine) ? 4 : 0); DataProtection.SetBlobData(ref data_blob1, Encoding.ASCII.GetBytes(data)); DataProtection.SetBlobData(ref data_blob2, DataProtection.Consts.EntropyData); if (DataProtection.Win32.CryptProtectData(ref data_blob1, "", ref data_blob2, IntPtr.Zero, IntPtr.Zero, num1, ref data_blob3)) { byte[] buffer1 = DataProtection.GetBlobData(ref data_blob3); if (buffer1 == null) { return text1; } text1 = Convert.ToBase64String(buffer1); } } catch { } finally { if (data_blob1.pbData.ToInt32() != 0) { Marshal.FreeHGlobal(data_blob1.pbData); } if (data_blob2.pbData.ToInt32() != 0) { Marshal.FreeHGlobal(data_blob2.pbData); } } return text1;}public static string Decrypt(string data, DataProtection.Store store){ string text1 = ""; DataProtection.Win32.DATA_BLOB data_blob1 = new DataProtection.Win32.DATA_BLOB(); DataProtection.Win32.DATA_BLOB data_blob2 = new DataProtection.Win32.DATA_BLOB(); DataProtection.Win32.DATA_BLOB data_blob3 = new DataProtection.Win32.DATA_BLOB(); try { int num1 = 1 | ((store == DataProtection.Store.Machine) ? 4 : 0); byte[] buffer1 = Convert.FromBase64String(data); DataProtection.SetBlobData(ref data_blob1, buffer1); DataProtection.SetBlobData(ref data_blob2, DataProtection.Consts.EntropyData); if (DataProtection.Win32.CryptUnprotectData(ref data_blob1, null, ref data_blob2, IntPtr.Zero, IntPtr.Zero, num1, ref data_blob3)) { byte[] buffer2 = DataProtection.GetBlobData(ref data_blob3); if (buffer2 == null) { return text1; } text1 = Encoding.ASCII.GetString(buffer2); } } catch { } finally { if (data_blob1.pbData.ToInt32() != 0) { Marshal.FreeHGlobal(data_blob1.pbData); } if (data_blob2.pbData.ToInt32() != 0) { Marshal.FreeHGlobal(data_blob2.pbData); } } return text1;}加密算法全看到了
只是看不到
private class Consts { // specify an entropy so other DPAPI applications can't see the data public readonly static byte[] EntropyData = ASCIIEncoding.ASCII.GetBytes("B0D125B7-967E-4f94-9305-A6F9AF56A19A"); }接着用Remotesoft .NET Explorer Evaluation软件(http://www.remotesoft.com/salamander/obfuscator/download.html)
反编译后
.class nested private auto ansi beforefieldinit Consts extends [mscorlib]System.Object{ .field public static initonly unsigned int8[] EntropyData .method private hidebysig specialname rtspecialname static void .cctor() cil managed { .maxstack 2 IL_0000: call class [mscorlib]System.Text.Encoding [mscorlib]System.Text.Encoding::get_ASCII() IL_0005: ldstr "B0D125B7-967E-4f94-9305-A6F9AF56A19A" IL_000a: callvirt instance unsigned int8[] [mscorlib]System.Text.Encoding::GetBytes(string) IL_000f: stsfld unsigned int8[] SMIS.Class.DataProtection/Consts::EntropyData IL_0014: ret } .method public hidebysig specialname rtspecialname instance void .ctor() cil managed { .maxstack 1 IL_0000: ldarg.0 IL_0001: call instance void [mscorlib]System.Object::.ctor() IL_0006: ret }}KEY也出来了(B0D125B7-967E-4f94-9305-A6F9AF56A19A);
破解完全成功
这样下去还谈什么安全问题啊?????????????
浙公网安备 33010602011771号