代码的逆向工程 [英] reverse engineering of code
本文介绍了代码的逆向工程的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在编写一个程序,根据他的电子邮件地址为用户提供一个唯一的密码,我在网上找到了这段代码。我现在正试图反转代码,以便我可以从密码中取回电子邮件地址,请任何人告诉我从解码开始。
静态 char [] ValidChars = {< span class =code-string>' 2',' 3',' 4',' 5',' 6',' 7',' 8',' 9' ,' A',' B',' C', ' D',' E',' F',' G',' H', ' J',' K',' L',' M',' N',' P',' Q',' R',' S',' T',' U',' V',' W',' X',' Y',' Z'}; // len = 32
const string hashkey = password ;
// HMAC功能的关键 - 更改!
const int codelength = 6 ; // 密码的长度
string GetCodeForEmail( string address)
{
byte [] hash;
使用(HMACSHA1 sha1 = new HMACSHA1(ASCIIEncoding.ASCII .GetBytes(hashkey))) hash = sha1。 ComputeHash(UTF8Encoding.UTF8.GetBytes(address)); int startpos = hash [hash。长度 - 1 ]%(散列。长度 - 代码长度); StringBuilder passbuilder = new StringBuilder(); for ( int i = startpos; i < startpos + codelength; i ++)passbuilder。追加(ValidChars [hash [i]%ValidChars.Length]); 返回 passbuilder。 ToString(); }
解决方案
1)你不能。这是哈希,而不是加密算法 - 不同之处在于哈希是不可逆的,加密是。
2)这就是人们使用哈希而不是加密的原因 - 阻止像你这样的人访问密码并重新启动它们。
3)即使它是,这是一个软件专业人士的网站,而不是想成为黑客。
4)我投票的原因:见上面的1 - 3。
你不能反向哈希。
根据用户的已知信息分配密码?您是否可能想出更隐秘的密码生成方式?!?!
请勿这样做!
没有充分的理由能够从任何散列或加密数据中恢复原始密码。 NEVER!
I'm writting a program to give a user a unique password based on his email address and i found this piece of code online. I'm now trying to reverse the code so that i can get back the email address from the password, pls can anyone tell me start with the decoding.
static char [] ValidChars = { '2' , '3' , '4' , '5' , '6' , '7' , '8' , '9' , 'A' , 'B' , 'C' , 'D' , 'E' , 'F' , 'G' , 'H' , 'J' , 'K' , 'L' , 'M' , 'N' , 'P' , 'Q' , 'R' , 'S' , 'T' , 'U' , 'V' , 'W' , 'X' , 'Y' , 'Z' }; // len=32
const string hashkey = "password" ;
//key for HMAC function -- change!
const int codelength = 6 ; // lenth of passcode
string GetCodeForEmail ( string address )
{
byte [] hash ;
using ( HMACSHA1 sha1 = new HMACSHA1 ( ASCIIEncoding . ASCII .GetBytes ( hashkey ))) hash = sha1 . ComputeHash ( UTF8Encoding . UTF8 . GetBytes ( address )); int startpos = hash [ hash . Length - 1 ] % ( hash . Length - codelength ); StringBuilder passbuilder = new StringBuilder (); for ( int i = startpos ; i < startpos + codelength ; i ++) passbuilder . Append ( ValidChars [ hash [ i ] % ValidChars . Length ]); return passbuilder . ToString (); }
解决方案
1) You can't. It's a hash, not an encryption algortithm - the difference is that hashes are not reversable, encryption is.
2) That's the reason people use hashes instead of encryption - to stop people like you from accessing passwords and back enginerring them.
3) Even if it was, this is a site for software professional, not wanna-be hackers.
4) Reason for my vote of one: see 1 - 3 above.
You can't reverse hash.
Assigning a password based on known information about a user?? Could you possibly come up with a more INSECURE way of generating passwords?!?!
DO NOT DO THIS!
There is NEVER a good reason to have the ability to get the original password back from any hashed or encrypted data. NEVER!
这篇关于代码的逆向工程的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文