
How to solve the problem of encrypting database connection strings in configuration files

2025-01-19 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)05/31 Report--

This article looks at the problem of "encrypting" the database connection string in a configuration file. Many people wonder whether that encryption actually protects anything; the editor has gone through the available material and put together a simple, practical walkthrough. I hope it answers the question. Let's follow the editor and take a look!

One: background

1. A story

A few days ago, while debugging a bug in the terminal program of an IoT cabinet, I found that the database connection string in app.config is encrypted. Because I wanted to switch databases during debugging, I had to decrypt the ciphertext with a special little tool, change the database name in the connection string, encrypt it again and paste it back into app.config, which is a nuisance. The contents are as follows:

After fixing the bug I kept thinking: who is this supposed to stop? All that trouble only keeps honest people out; for anyone who knows what they are doing, encrypting it is the same as not encrypting it. So let's dig the plaintext out. ???

Two: digging out the connection string with ILSpy

1. Decompile code from the DAL/Repository layer

To get the plaintext database connection string, you can work backwards from the code, for example by finding the connection string field ConnectionString in the DAL or Repository layer. The terminal program on my side is written in WPF and uses the classic three-tier architecture, so the assembly is easy to find under bin, as shown below:

Next, decompile the DLL with ILSpy.

As the picture above shows, the plaintext of the connection string is kept in OleDbHelper.ConnectionString, and the program defines a Decrypt method to decrypt the connection string. Haha, with this algorithm in hand, can the plaintext be recovered? The code is shown below:

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

class Program
{
    static void Main(string[] args)
    {
        // Ciphertext copied from app.config
        var str = "XfES27am6Muw48iB1GlMVqvUbq7/Pp9n4XbZJsDu19YDr/Zdb3m7KT6haD7f9HLj/ZEvIiZbmSU4O5L9g03Y5IUB6KLCZI7s3nDLwTIC+bXLf5quu/r8ZAI+rgNnsNZdwoDfquRLQy5Cf2X8/MFDOcMNaZYMpTYeHsZoEERU/TP9t3n5QllJTihrmDFbiGHLqe1kfN3uB3g1kgs0oobIEfNPr09kQ/pFgzZi/kZCrK10PLZZ0pFj1YU5ReFqBsdBlecV3D2Zl3lx1Ibls24t7w==";
        Console.WriteLine(Decrypt(str));
    }

    // Copy of OleDbHelper.Decrypt as recovered with ILSpy: DES in CBC mode, with the
    // key and the IV both taken from the UTF-16 bytes of the hard-coded string "Oyea".
    public static string Decrypt(string str)
    {
        if (!string.IsNullOrEmpty(str))
        {
            DESCryptoServiceProvider descsp = new DESCryptoServiceProvider();
            byte[] key = Encoding.Unicode.GetBytes("Oyea"); // 4 chars * 2 bytes = the 8-byte DES key
            byte[] data = Convert.FromBase64String(str);
            MemoryStream MStream = new MemoryStream();
            CryptoStream CStream = new CryptoStream(MStream, descsp.CreateDecryptor(key, key), CryptoStreamMode.Write);
            CStream.Write(data, 0, data.Length);
            CStream.FlushFinalBlock();
            return Encoding.Unicode.GetString(MStream.ToArray());
        }
        return "";
    }
}
```

Fortunately, the database is deployed on the customer's own premises and is not reachable from outside their network; otherwise this would be a serious problem. Next, let's look at how to defend against it.

2. Packers, obfuscators and dongles

There are commercial and free tools on the market for packing and obfuscating C# code. I have not used them, but I think at most they make the decompiled code harder to read, which only buys time. After all, you cannot obfuscate FCL classes such as SqlConnection and SqlCommand, and I can easily find the plaintext ConnectionString through those classes, so I don't think this road leads anywhere.

3. Put the decryption algorithm on the server side

Since the decryption algorithm is buried in the client and can be dug out, why not put it on the server side? When the program starts, it calls a web API to do the decryption, and then there is nothing you can do about it, right? Haha, think about whether that really works. Admittedly, the decryption algorithm has moved away and ILSpy is no longer any use, but there is an important breakthrough here: however the string is decrypted, the plaintext ends up in the static variable OleDbHelper.ConnectionString, right? So the question becomes: is there a way to dig that static variable out of the running process? You guessed it: capture a dump of the program and dig with windbg.
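The option the article rejects in 2.1, a DES key compiled into the DLL, has a standard replacement in .NET Framework that is worth showing next to the alternatives discussed in 2.2 and 2.3. The following is an added example, not the article's code or the project's: it encrypts the connectionStrings section of the program's own config with the DPAPI-backed provider that ships with System.Configuration, so the key lives in that machine's Windows data-protection store rather than in an assembly anyone can open with ILSpy. The entry name "TunnelDb" and the connection string value are constructed placeholders; it needs a reference to System.Configuration.dll and runs on Windows only.

```csharp
using System;
using System.Configuration;   // reference System.Configuration.dll
using System.IO;

// Added example, not the article's code: keep the connection string encrypted on disk
// with the DPAPI-backed provider built into .NET Framework, instead of a DES key
// compiled into the DLL. Windows only. EntryName and the connection string value are
// constructed placeholders.
class ProtectedConfigDemo
{
    const string EntryName = "TunnelDb";
    const string Provider = "DataProtectionConfigurationProvider"; // DPAPI, machine scope by default

    static void Main()
    {
        Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
        ConnectionStringsSection section = config.ConnectionStrings;

        // Seed a placeholder entry so the demo runs without a hand-written app.config.
        if (section.ConnectionStrings[EntryName] == null)
        {
            section.ConnectionStrings.Add(new ConnectionStringSettings(
                EntryName,
                "Provider=SQLOLEDB;Data Source=.;Initial Catalog=Tunnel;User ID=app;Password=PLACEHOLDER",
                "System.Data.OleDb"));
        }

        // Encrypt the whole <connectionStrings> section in place. No key appears in the
        // program: it lives in this machine's DPAPI store, so the .config file is useless
        // when copied to another box, and there is no Decrypt() method to decompile.
        if (!section.SectionInformation.IsProtected)
        {
            section.SectionInformation.ProtectSection(Provider);
        }
        section.SectionInformation.ForceSave = true;
        config.Save(ConfigurationSaveMode.Full);

        // On disk only <EncryptedData> remains; the framework decrypts it on every read.
        string onDisk = File.ReadAllText(config.FilePath);
        Console.WriteLine("ciphertext on disk: " + onDisk.Contains("<EncryptedData"));
        Console.WriteLine("plaintext in memory: " + section.ConnectionStrings[EntryName].ConnectionString);
        // That last line is the limit of this approach: once read, the plaintext sits in
        // process memory, so a memory dump still reveals it, exactly as the next section shows.
        // The database account in the string should therefore have only the rights the client needs.
    }
}
```

The same protection can be applied without code using aspnet_regiis -pe "connectionStrings" for a web.config. Either way it raises the bar from "open the DLL in ILSpy" to "run code on the same machine", which is the most any file-level encryption can do; it does not change the conclusion of section three.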

Three: digging out the connection string with windbg

1. Approach

Digging out OleDbHelper.ConnectionString is actually very simple. Chapter 4 of CLR via C# has the classic diagram that explains type objects versus object instances.

As the figure shows, static fields live in the Manager type object, while instance fields live in each Manager object. By analogy, I only need to use windbg to find the OleDbHelper type object, the so-called EEClass.

2. Windbg in practice

Use !name2ee to find the method descriptor (MethodDesc) of Decrypt:

```text
0:000> !name2ee xxx.Utilities.dll xxx.Utilities.Database.OleDbHelper.Decrypt
Module:      08ed7cdc
Assembly:    xxx.Utilities.dll
Token:       060002aa
MethodDesc:  08ed83b0
Name:        xxx.Utilities.Database.OleDbHelper.Decrypt(System.String)
JITTED Code Address: 048b6af0
```

MethodDesc: 08ed83b0 above is the address of the method descriptor.

Use !dumpmd to dump the details of the method descriptor and find the EEClass address of the OleDbHelper type:

```text
0:000> !dumpmd 08ed83b0
Method Name:  xxx.Utilities.Database.OleDbHelper.Decrypt(System.String)
Class:        08ecab30
MethodTable:  08ed8468
mdToken:      060002aa
Module:       08ed7cdc
IsJitted:     yes
CodeAddr:     048b6af0
Transparency: Critical
```

Class: 08ecab30 above is the address of the OleDbHelper type object (the EEClass) in memory.

Use !dumpclass on Class: 08ecab30 to find the static fields of the OleDbHelper class:

```text
0:000> !dumpclass 08ecab30
Class Name:      xxx.Utilities.Database.OleDbHelper
mdToken:         02000033
File:            d:\code\A18001\Source\Main\TunnelClient\bin\Debug\xxx.Utilities.dll
Parent Class:    795115b0
Module:          08ed7cdc
Method Table:    08ed8468
Vtable Slots:    4
Total Method Slots: 6
Class Attributes:   100081  Abstract
Transparency:    Critical
NumInstanceFields: 0
NumStaticFields:   2
      MT    Field   Offset                 Type VT     Attr    Value Name
799bfd60  4000152       74        System.String  0   static 04c28270 ConnectionString
799bfd60  4000153       78        System.String  0   static 04c299e8 SecurityConnectionString
```

The dump above shows that the OleDbHelper class has two static fields: ConnectionString and SecurityConnectionString.

Use !do on the two Value addresses to print the two static fields.

See? The two boxed values in the picture above are the plaintext connection strings. So much for the encryption.
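The !name2ee, !dumpmd, !dumpclass, !do sequence above is what you would repeat when auditing a dump of your own build for secrets that survive in memory. As an added example that is not part of the article, the following parses the field table that SOS !dumpclass prints and lists the static reference fields, so the audit goes straight from !dumpclass to the addresses to hand to !do. The sample text is constructed to mirror the article's output; the addresses and field names in it are the article's own.

```csharp
using System;
using System.Collections.Generic;
using System.Text.RegularExpressions;

// Added example, not the article's code: parse the field table printed by SOS !dumpclass
// and list the static reference fields, the ones worth passing to !do.
static class DumpClassFields
{
    public sealed class Field
    {
        public string MethodTable, Token, Type, Attr, Value, Name;
        public int Offset;
        public bool IsValueType;
    }

    // One table row: MT  Field  Offset  Type  VT  Attr  [Value]  Name
    // Value is absent for instance fields, so it is optional and must be followed by whitespace.
    static readonly Regex Row = new Regex(
        @"^\s*(?<mt>[0-9a-f]+)\s+(?<tok>[0-9a-f]+)\s+(?<off>[0-9a-f]+)\s+(?<type>\S+)\s+(?<vt>[01])\s+(?<attr>\S+)\s+(?:(?<val>[0-9a-f]+)\s+)?(?<name>\S+)\s*$",
        RegexOptions.IgnoreCase);

    public static List<Field> Parse(string dumpClassOutput)
    {
        var fields = new List<Field>();
        foreach (string rawLine in dumpClassOutput.Split('\n'))
        {
            Match m = Row.Match(rawLine.TrimEnd('\r'));
            if (!m.Success) continue;   // header lines such as "Class Name:" never match
            fields.Add(new Field
            {
                MethodTable = m.Groups["mt"].Value,
                Token = m.Groups["tok"].Value,
                Offset = Convert.ToInt32(m.Groups["off"].Value, 16),
                Type = m.Groups["type"].Value,
                IsValueType = m.Groups["vt"].Value == "1",
                Attr = m.Groups["attr"].Value,
                Value = m.Groups["val"].Value,   // empty when the column is absent
                Name = m.Groups["name"].Value,
            });
        }
        return fields;
    }

    // Static fields holding a reference are the ones whose Value is an object address.
    public static IEnumerable<Field> StaticReferences(IEnumerable<Field> fields)
    {
        foreach (Field f in fields)
        {
            if (f.Attr.Equals("static", StringComparison.OrdinalIgnoreCase) && !f.IsValueType && f.Value != "")
                yield return f;
        }
    }

    // Constructed sample mirroring the article's !dumpclass output.
    const string Sample =
        "Class Name:      xxx.Utilities.Database.OleDbHelper\n" +
        "NumInstanceFields: 0\n" +
        "NumStaticFields:   2\n" +
        "      MT    Field   Offset                 Type VT     Attr    Value Name\n" +
        "799bfd60  4000152       74        System.String  0   static 04c28270 ConnectionString\n" +
        "799bfd60  4000153       78        System.String  0   static 04c299e8 SecurityConnectionString\n";

    static void Main()
    {
        // Prints one !do command per static reference field:
        //   !do 04c28270   ; System.String ConnectionString
        //   !do 04c299e8   ; System.String SecurityConnectionString
        foreach (Field f in StaticReferences(Parse(Sample)))
            Console.WriteLine("!do {0}   ; {1} {2}", f.Value, f.Type, f.Name);
    }
}
```

Running it over a real !dumpclass listing of every helper class in a build is a quick way to inventory which static strings would be exposed by a crash dump, which is the question a defender should be asking after reading this article.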

That concludes the study of "encrypting the database connection string in the configuration file". I hope it has cleared up any doubts. Theory is best paired with practice, so go and try it yourself! If you want to keep learning, stay tuned to the site; the editor will keep working hard to bring you more practical articles.
