PHP和asp.net C#可共用的可逆加密算法
发布时间:2023-08-01 13:58:27 所属栏目:PHP教程 来源:
导读:在php中fsockopen函数可以模仿用户去访问一些网站并且还可以带一些常用的信息,如果浏览器,IP,post,get 等等数据,下面我分别一来给大家介绍介绍.
如果你要使用fsockopen函数我们必须在php.ini中把allow_url_fopen
如果你要使用fsockopen函数我们必须在php.ini中把allow_url_fopen
|
在php中fsockopen函数可以模仿用户去访问一些网站并且还可以带一些常用的信息,如果浏览器,IP,post,get 等等数据,下面我分别一来给大家介绍介绍. 如果你要使用fsockopen函数我们必须在php.ini中把allow_url_fopen = On 设置为开启状态. 例,fsockopen() Example,代码如下: <?php $fp = fsockopen("www.Cuoxin.com", 80, $errno, $errstr, 30); if (!$fp) { echo "$errstr ($errno)<br />n"; } else { $out = "GET / HTTP/1.1rn"; $out .= "Host: www.example.comrn"; $out .= "Connection: Closernrn"; fwrite($fp, $out); while (!feof($fp)) { echo fgets($fp, 128); } fclose($fp); } ?> 伪造post,POST HTTP请求(URL)并获取返回值,代码如下: <?php a因为工作需我们需要在php中生成加密然后在asp.net中接受过来的密码再解密,下面我找到一个PHP与asp.net C#可共用的可逆加密算法,有需要了解的同学可参考. php加密算法,代码如下: <?php class DES { var $key; var $iv; //偏移量 function DES($key = '11001100', $iv=0 ) { //key长度8例如:1234abcd $this->key = $key; if( $iv == 0 ) { $this->iv = $key; //默认以$key 作为 iv } else { $this->iv = $iv; //mcrypt_create_iv ( mcrypt_get_block_size (MCRYPT_DES, MCRYPT_MODE_CBC), MCRYPT_DEV_RANDOM ); } } function encrypt($str) { //加密,返回大写十六进制字符串 $size = mcrypt_get_block_size ( MCRYPT_DES, MCRYPT_MODE_CBC ); $str = $this->pkcs5Pad ( $str, $size ); return strtoupper( bin2hex( mcrypt_cbc(MCRYPT_DES, $this->key, $str, MCRYPT_ENCRYPT, $this->iv ) ) ); } function decrypt($str) { //解密 $strBin = $this->hex2bin( strtolower( $str ) ); $str = mcrypt_cbc( MCRYPT_DES, $this->key, $strBin, MCRYPT_DECRYPT, $this->iv ); $str = $this->pkcs5Unpad( $str ); return $str; } function hex2bin($hexData) { $binData = ""; for($i = 0; $i < strlen ( $hexData ); $i += 2) { $binData .= chr ( hexdec ( substr ( $hexData, $i, 2 ) ) ); } return $binData; } function pkcs5Pad($text, $blocksize) { $pad = $blocksize - (strlen ( $text ) % $blocksize); return $text . str_repeat ( chr ( $pad ), $pad ); } function pkcs5Unpad($text) { $pad = ord ( $text {strlen ( $text ) - 1} ); //开源代码Cuoxin.com if ($pad > strlen ( $text )) return false; if (strspn ( $text, chr ( $pad ), strlen ( $text ) - $pad ) != $pad) return false; return substr ( $text, 0, - 1 * $pad ); } } ?> asp.net程序代码,代码如下: using System; using System.Collections.Generic; using System.IO; using System.Linq; using System.Security.Cryptography; using System.Text; namespace WindowsFormsApplication1 { /// <summary> /// DES加密解密字符串 /// </summary> public class DesEncryption { /// <summary> /// DES加密字符串 /// </summary> /// <param name="encryptString">待加密的字符串</param> /// <param name="encryptKey">加密密钥,要求为8位</param> /// <returns>加密成功返回加密后的字符串,失败返回null</returns> public static string EncryptDES(string encryptString, string encryptKey = "11001100") { try { byte[] rgbKey = ASCIIEncoding.ASCII.GetBytes(encryptKey.Substring(0, 8)); byte[] rgbIV = rgbKey; byte[] inputByteArray = Encoding.UTF8.GetBytes(encryptString); DESCryptoServiceProvider dCSP = new DESCryptoServiceProvider(); MemoryStream mStream = new MemoryStream(); CryptoStream cStream = new CryptoStream(mStream, dCSP.CreateEncryptor(rgbKey, rgbIV), CryptoStreamMode.Write); cStream.Write(inputByteArray, 0, inputByteArray.Length); cStream.FlushFinalBlock(); StringBuilder ret = new StringBuilder(); foreach (byte b in mStream.ToArray()) { ret.AppendFormat("{0:X2}", b); } ret.ToString(); return ret.ToString(); } catch { return null; } } /// <summary> /// DES解密字符串 /// </summary> /// <param name="decryptString">待解密的字符串</param> /// <param name="decryptKey">解密密钥,要求为8位,和加密密钥相同</param> /// <returns>解密成功返回解密后的字符串,失败返回null</returns> public static string DecryptDES(string decryptString, string decryptKey = "11001100") { try { byte[] rgbKey = ASCIIEncoding.ASCII.GetBytes(decryptKey); byte[] rgbIV = rgbKey; byte[] inputByteArray = new byte[decryptString.Length / 2]; for (int x = 0; x < decryptString.Length / 2; x++) { int i = (Convert.ToInt32(decryptString.Substring(x * 2, 2), 16)); inputByteArray[x] = (byte)i; } DESCryptoServiceProvider DCSP = new DESCryptoServiceProvider(); MemoryStream mStream = new MemoryStream(); CryptoStream cStream = new CryptoStream(mStream, DCSP.CreateDecryptor(rgbKey, rgbIV), CryptoStreamMode.Write); cStream.Write(inputByteArray, 0, inputByteArray.Length); cStream.FlushFinalBlock(); return Encoding.UTF8.GetString(mStream.ToArray()); } catch { return null; } } } } $srv_ip = '192.168.1.5';//你的目标服务地址. $srv_port = 80;//端口 $url = 'http://localhost/fsock.php'; //接收你post的URL具体地址 $fp = ''; $errno = 0;//错误处理 $errstr = '';//错误处理 $timeout = 10;//多久没有连上就中断 $post_str = "username=demo&password=hahaha";//要提交的内容. //打开网络的 Socket 链接。 $fp = fsockopen($srv_ip,$srv_port,$errno,$errstr,$timeout); if (!$fp){ echo('fp fail'); } $content_length = strlen($post_str); $post_header = "POST $url HTTP/1.1rn"; $post_header .= "Content-Type: application/x-www-form-urlencodedrn"; $post_header .= "User-Agent: MSIErn"; $post_header .= "Host: ".$srv_ip."rn"; $post_header .= "Content-Length: ".$content_length."rn"; $post_header .= "Connection: closernrn"; $post_header .= $post_str."rnrn"; fwrite($fp,$post_header); $inheader = 1; while(!feof($fp)){//测试文件指针是否到了文件结束的位置 $line = fgets($fp,1024); //去掉请求包的头信息 if ($inheader && ($line == "n" || $line == "rn")) { $inheader = 0; } if ($inheader == 0) { echo $line; } } fclose($fp); unset ($line); ?> 简要说明:代码第二行是你的IP地址或域名,第四行是你要POST的页面的具体地址,本例用的是fsock.php,fsock.php内容如下: <?php echo "username:".$_POST['username']."<br/>"; echo "password:".$_POST['password']; ?> //结果为: username:demo password:hahaha 伪造get,同时伪造post,get方法,代码如下: <?php //fsocket模拟post提交 $purl = "http://localhost/netphp/test2.php?uu=rrrrrrrrrrrr"; print_r(parse_url($url)); sock_post($purl,"uu=55555555555555555"); //fsocket模拟get提交 function sock_get($url, $query) { $info = parse_url($url); $fp = fsockopen($info["host"], 80, $errno, $errstr, 3); $head = "GET ".$info['path']."?".$info["query"]." HTTP/1.0rn"; $head .= "Host: ".$info['host']."rn"; $head .= "rn"; $write = fputs($fp, $head); while (!feof($fp)) { $line = fread($fp,4096); echo $line; } } sock_post($purl,"uu=rrrrrrrrrrrrrrrr"); function sock_post($url, $query) { $info = parse_url($url); $fp = fsockopen($info["host"], 80, $errno, $errstr, 3); $head = "POST ".$info['path']."?".$info["query"]." HTTP/1.0rn"; $head .= "Host: ".$info['host']."rn"; $head .= "Referer: http://".$info['host'].$info['path']."rn"; $head .= "Content-type: application/x-www-form-urlencodedrn"; $head .= "Content-Length: ".strlen(trim($query))."rn"; $head .= "rn"; $head .= trim($query); $write = fputs($fp, $head); while (!feof($fp)) { $line = fread($fp,4096); echo $line; } } ?> (编辑:汽车网) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
推荐文章
站长推荐
