C#下的encryptHelper加密帮助类测试-vulsee.com

测试某软件，微慑网C/S架构，登陆处有password字段加密，加密方式未知，目测为.NET程序，使用ILSpy进行反编译：

发现使用了 EncryptHelper.Encrypt(password)进行加密，跟进发现硬编码了key及iv

于是直接copy代码，进行加解密测试：微慑网

using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
namespace _1
{

    public static class EncryptHelper
    {
        private const string EncryptKey = "****";

        public static string Encrypt(string pToEncrypt)
        {
            DESCryptoServiceProvider des = new DESCryptoServiceProvider
            {
                Key = Encoding.ASCII.GetBytes("****"),
                IV = Encoding.ASCII.GetBytes("****")
            };
            byte[] inputByteArray = Encoding.Default.GetBytes(pToEncrypt);
            MemoryStream ms = new MemoryStream();
            CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(), CryptoStreamMode.Write);
            cs.Write(inputByteArray, 0, inputByteArray.Length);
            cs.FlushFinalBlock();
            StringBuilder ret = new StringBuilder();
            byte[] array = ms.ToArray();
            foreach (byte b in array)
            {
                ret.AppendFormat("{0:X2}", b);
            }
            return ret.ToString();
        }

        public static string Decrypt(string pToDecrypt)
        {
            DESCryptoServiceProvider des = new DESCryptoServiceProvider();
            byte[] inputByteArray = new byte[pToDecrypt.Length / 2];
            for (int x = 0; x < pToDecrypt.Length / 2; x++)
            {
                int i = Convert.ToInt32(pToDecrypt.Substring(x * 2, 2), 16);
                inputByteArray[x] = (byte)i;
            }
            des.Key = Encoding.ASCII.GetBytes("***");
            des.IV = Encoding.ASCII.GetBytes("***");
            MemoryStream ms = new MemoryStream();
            CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(), CryptoStreamMode.Write);
            cs.Write(inputByteArray, 0, inputByteArray.Length);
            cs.FlushFinalBlock();
            return Encoding.Default.GetString(ms.ToArray());
        }
    }

    class Program
    {
        static void Main(string[] args)
        {
            //对常用字典进行加密，生成新的字典：
            /*
            string line = "";
            using (StreamReader sr = new StreamReader("MY-PASS.TXT"))
            {
                while ((line = sr.ReadLine()) != null)
                {
                    //Console.WriteLine(line);
                    string encText = EncryptHelper.Encrypt(line);
                    Console.WriteLine(encText);
                    //System.IO.File.WriteAllText(@"res.txt", encText, Encoding.UTF8);
                    System.IO.StreamWriter file = new System.IO.StreamWriter(@"res.txt", true);
                    file.WriteLine(encText);
                    file.Close();
                }
            }
            */

            //解密测试
            string encText = EncryptHelper.Decrypt("***********");
            //加密测试
            //string encText = EncryptHelper.Encrypt("123456");
            Console.WriteLine(encText);

            //Console.ReadKey();
        }
    }
}