VB.NET MySQL使用MD5 + Salt登录 [英] VB.NET MySQL Login using MD5 + Salt

问题描述

Imports System.Security.Cryptography
Imports MySql.Data.MySqlClient
Public Class LoginForm1

    Private Sub Cancel_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Cancel.Click
        Me.Close()
    End Sub
        Dim MySqlConnection As MySqlConnection
        Private Function StringtoMD5(ByVal Content As String) As String
        Dim M5 As New System.Security.Cryptography.MD5CryptoServiceProvider
            Dim ByteString() As Byte = System.Text.Encoding.ASCII.GetBytes(Content)
        ByteString = M5.ComputeHash(ByteString)
            Dim FinalString As String = Nothing
            For Each bt As Byte In ByteString
            FinalString &= bt.ToString("x2")
            Next
            Return FinalString
        End Function
        Private Sub OK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles OK.Click
            PasswordTextBox.Text = StringtoMD5(PasswordTextBox.Text)
            MySqlConnection = New MySqlConnection
        MySqlConnection.ConnectionString = "Server=****;Database=****;Uid=****;Pwd=****;"
            MySqlConnection.Open()

            Dim Myadapter As New MySqlDataAdapter
        Dim sqlquary = "SELECT * FROM table_name WHERE username='" & UsernameTextBox.Text & "'AND password='" & PasswordTextBox.Text & "';"

            Dim command As New MySqlCommand
            command.Connection = MySqlConnection
            command.CommandText = sqlquary
            Myadapter.SelectCommand = command
            Dim mydata As MySqlDataReader
            mydata = command.ExecuteReader
            If mydata.HasRows = 0 Then
                MsgBox("Sorry! We can't find your Username and Password. Try Again or contact us on the forum")
            Else
                Form1.Show()
                Me.Close()

            End If
    End Sub
End Class

我正在尝试登录申请连接到我的网站数据库并尝试通过从表中获取用户名和密码登录数据库。它连接到数据库并找到用户名，但它不喜欢它的密码，因为它使用MD5和Salt。有谁知道如何使这个工作并获得正确的哈希值？



盐=7UEJD7xQ

MD5 =923c5abb8c5cdf0cf3e60c02716f3763

密码=iBD1Ux6V



帮助将不胜感谢！

I'm trying to make a login application that connects to my website database and try's logging in through the database by grabbing the username and password from the table. It connects to the database and finds the username but it does not like the password for it because it uses MD5 and Salt. Does anyone know how to get this working and get the hash value right?

Salt = "7UEJD7xQ"
MD5 = "923c5abb8c5cdf0cf3e60c02716f3763"
Password = "iBD1Ux6V"

Help would be appreciated thanks!

推荐答案

你做错了。



你的代码中没有使用盐，所以我不知道你认为你在做什么......



这很简单，你从用户那里得到密码，加盐，哈希，然后存储哈希的字节。



要检查输入的密码，除了不存储哈希之外，你会做同样的事情。您使用输入的用户名从数据库中检索哈希值，然后将输入的哈希值与检索到的哈希值进行比较。

You're doing it wrong.

Nowhere in your code are you using salt, so I don't know what you think you're doing there...

It's simple really, you get the password from the user, salt it, hash it, then store the bytes of the hash.

To check the entered password, you do the exact same thing, except you don't store the hash. You retrieve the hash from the database using the entered username, then compare the entered hash to the retrieved.

这篇关于VB.NET MySQL使用MD5 + Salt登录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！