C#对于 eval加密的JS 有啥办法解密获取跳转URL

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了C#对于 eval加密的JS 有啥办法解密获取跳转URL相关的知识,希望对你有一定的参考价值。

参考技术A 解密后eval那段的原文如下(是一个解密函数):function uncodeStr(str)str=str.replace(/\^/g,"%");//把原来字符串里的~符号替换成%号var str_len=str.length-1;//后面数组循环时的最大下标var i;var encodeStr='';for(i=str_len;i>=0;i--)//这个循环是将密文倒转过来encodeStr+=str.substr(i,1)return decodeURI(encodeStr) //使用decodeURI解密varaaa___就是获取的uncodeStr函数运算后的结果。通过解密过程可以反推出加密过程如下:获取需要字符串s使用encodeURI(s)将一些特定符号替换为编码,如空格替换为%20,得到一个新的字符串将新的字符串反转(第一位变为最后一位,第二位变为倒数第二位。。。。以此类推)将反转后的字符串里的百分号(%)用波浪线替换后就得到密文了。

基于C# 的RSA 前端JS加密后端进行解密。

前端代码

引用 js : 

http://passport.cnblogs.com/scripts/jsencrypt.min.js
通过接口从服务端获取随机一对密钥串,主键为Token
 function GetRSAKey(params, callback) {
        Service.post({
            url: "/BaseService.svc/GetRSAKey",
            params: {
            },
            success: function (response) {
                var encrypt = new JSEncrypt();
                encrypt.setPublicKey(response.PublicKey);
                params = JSON.stringify(params);
                var Encryptdata = encrypt.encrypt(params);
                //+号的处理:因为数据在网络上传输时,非字母数字字符都将被替换成百分号(%)后跟两位十六进制数,
                //而base64编码在传输到后端的时候,+会变成空格,因此先替换掉。后端再替换回来
                Encryptdata = encodeURI(Encryptdata).replace(/\\+/g, ‘%2B‘);
                if (callback) {
                    callback(Encryptdata, response.Token);
                }
            }
        });
    }

  将加密后的信息,和加密KEY的主键传回登录接口

GetRSAKey(params, function (Encryptdata, token) {
            Service.post({
                url: "/UserAccountService.svc/SafeInDoor",
                params: {
                    Encryptdata: Encryptdata,
                    Token: token,
                },
                success: function (response) {
                    if (response.Token) {
                       
                    } else {
                        ZENG.msgbox.show(response.StatusText, 5, 2000);
                    }
                },
                error: function (response) {
                },
                mask: function () {
                    $("#J_LoginSub").mask("正在登录,请稍候...");
                },
                unmask: function () {
                    $("#J_LoginSub").unmask();
                }
            });
        })

    }

获取解密Key,对加密信息进行解密

技术分享图片

 引用 

using System.Security.Cryptography;
using Cn.Ubingo.Security.RSA.Key;

 解密

 /// <summary>
        /// 与前端交互的解密
        /// </summary>
        /// <param name="DecryptString"></param>
        /// <param name="privateKey"></param>
        /// <returns></returns>
        public string HtmlDecrypt(string DecryptString,string privateKey){
            string result="";
            try
            {
                RSACryptoServiceProvider rsaCryptoServiceProvider = CreateRsaProviderFromPrivateKey(privateKey);
                //把+号,再替换回来
                byte[] res = rsaCryptoServiceProvider.Decrypt(Convert.FromBase64String(DecryptString.Replace("%2B","+")), false);
                result= Encoding.UTF8.GetString(res);
            }
            catch (Exception exception)
            {
                FileLog.AddLog("RSACryptoDecryptRSA解密异常",exception.Message);

            }
            return result;
        }
      

  

 private RSACryptoServiceProvider CreateRsaProviderFromPrivateKey(string privateKey)
        {
            var privateKeyBits = System.Convert.FromBase64String(privateKey);

            var RSA = new RSACryptoServiceProvider();
            var RSAparams = new RSAParameters();

            using (BinaryReader binr = new BinaryReader(new MemoryStream(privateKeyBits)))
            {
                byte bt = 0;
                ushort twobytes = 0;
                twobytes = binr.ReadUInt16();
                if (twobytes == 0x8130)
                    binr.ReadByte();
                else if (twobytes == 0x8230)
                    binr.ReadInt16();
                else
                    throw new Exception("Unexpected value read binr.ReadUInt16()");

                twobytes = binr.ReadUInt16();
                if (twobytes != 0x0102)
                    throw new Exception("Unexpected version");

                bt = binr.ReadByte();
                if (bt != 0x00)
                    throw new Exception("Unexpected value read binr.ReadByte()");

                RSAparams.Modulus = binr.ReadBytes(GetIntegerSize(binr));
                RSAparams.Exponent = binr.ReadBytes(GetIntegerSize(binr));
                RSAparams.D = binr.ReadBytes(GetIntegerSize(binr));
                RSAparams.P = binr.ReadBytes(GetIntegerSize(binr));
                RSAparams.Q = binr.ReadBytes(GetIntegerSize(binr));
                RSAparams.DP = binr.ReadBytes(GetIntegerSize(binr));
                RSAparams.DQ = binr.ReadBytes(GetIntegerSize(binr));
                RSAparams.InverseQ = binr.ReadBytes(GetIntegerSize(binr));
            }

            RSA.ImportParameters(RSAparams);
            return RSA;
        }

        private int GetIntegerSize(BinaryReader binr)
        {
            byte bt = 0;
            byte lowbyte = 0x00;
            byte highbyte = 0x00;
            int count = 0;
            bt = binr.ReadByte();
            if (bt != 0x02)
                return 0;
            bt = binr.ReadByte();

            if (bt == 0x81)
                count = binr.ReadByte();
            else
                if (bt == 0x82)
                {
                    highbyte = binr.ReadByte();
                    lowbyte = binr.ReadByte();
                    byte[] modint = { lowbyte, highbyte, 0x00, 0x00 };
                    count = BitConverter.ToInt32(modint, 0);
                }
                else
                {
                    count = bt;
                }

            while (binr.ReadByte() == 0x00)
            {
                count -= 1;
            }
            binr.BaseStream.Seek(-1, SeekOrigin.Current);
            return count;
        }

  生成密钥对

/// <summary>
        /// 创建密钥对
        /// </summary>
        /// <returns></returns>
        public RSAKey NewRsaKey()
        {
            //RSAKey RSAKey = new RSAKey();
            Chilkat.Rsa rsa = new Chilkat.Rsa();

            bool success = rsa.UnlockComponent("Anything for 30-day trial");
            if (success != true) {
                Console.WriteLine(rsa.LastErrorText);
                return null;
            }

            //  Generate a 2048-bit key.  Chilkat RSA supports
            //  key sizes ranging from 512 bits to 8192 bits.
            success = rsa.GenerateKey(1024);
            if (success != true)
            {
                Console.WriteLine(rsa.LastErrorText);
                return null;
            }

            //  Get the public and private key parts:
            Chilkat.PublicKey pubKey = rsa.ExportPublicKeyObj();
            Chilkat.PrivateKey privKey = rsa.ExportPrivateKeyObj();

            //  Get the public key as a PKCS8 PEM string
            //string pubKeyPem = pubKey.GetOpenSslPem();
            //Console.WriteLine(pubKeyPem);

            //  Get the public key in PKCS8 format, in a Base64 encoded string.
            string PublicKey = pubKey.GetPkcs8ENC("base64");
            //Console.WriteLine(pubKeyPkcs8Base64);

            //  Get the public key in PKCS1 format, in a Base64 encoded string.
            //string PublicKey = pubKey.GetPkcs1ENC("base64");
            //Console.WriteLine(pubKeyPkcs1Base64);

            //  Get the private key in a PKCS8 PEM string.
            //string privKeyPem = privKey.GetPkcs8Pem();
            //Console.WriteLine(privKeyPem);

            //  Get the private key in a PKCS8 encrypted PEM string.
            //string privKeyEncPem = privKey.GetPkcs8EncryptedPem("myPassword");
            //Console.WriteLine(privKeyEncPem);

            //  Get the private key in PKCS1 Base64 format
            string PrivateKey = privKey.GetPkcs1ENC("base64");
            //Console.WriteLine(privKeyPkcs1Base64);

            //  Get the private key in PKCS8 Base64 format
            //string privKeyPkcs8Base64 = privKey.GetPkcs8ENC("base64");
            //Console.WriteLine(privKeyPkcs8Base64);

            RSAKey RSAKey = new RSAKey();
            RSAKey.PrivateKey = PrivateKey;
            RSAKey.PublicKey = PublicKey;
            RSAKey.token = Guid.NewGuid();
            return RSAKey;
            //  Save to PKCS1 / PKCS8 / PEM files...

            //  Save the public key to PKCS8 binary DER
            //  Note: Chilkat is confusingly using the substring "OpenSsl" in the method name.
            //  A better choice would‘ve been "SavePkcs8DerFile". When you see "OpenSsl" referring to
            //  a key format in a Chilkat method name, assume "PKCS8".
            //success = pubKey.SaveOpenSslDerFile("pubKey_pkcs8.der");

            //  Save the public key to PKCS1 binary DER
            //success = pubKey.SaveRsaDerFile("pubKey_pkcs1.der");

            //  Save the private key to unencrypted binary PKCS1 DER.
            //  Note: PKCS1 is never found in an encrypted format.
            //success = privKey.SaveRsaDerFile("privKey_pkcs1.der");

            //  Save the private key to unencrypted binary PKCS8
            //success = privKey.SavePkcs8File("privKey_pkcs8.der");

            //  Save the private key to encrypted binary PKCS8
           // success = privKey.SavePkcs8EncryptedFile("myPassword", "privKey_enc_pkcs8.der");

            //  Save the private key to unencrypted PKCS8 PEM
            //success = privKey.SavePkcs8PemFile("privKey.pem");

            //  Save the private key to encrypted PKCS8 PEM
            //success = privKey.SavePkcs8EncryptedPemFile("myPassword", "privKey_enc.pem");
        }

  

 



以上是关于C#对于 eval加密的JS 有啥办法解密获取跳转URL的主要内容,如果未能解决你的问题,请参考以下文章

js代码解密eval的

php 有啥办法加密解密,加密的密文长度都是一样的?

基于C# 的RSA 前端JS加密后端进行解密。

求大侠帮助,php网页加密代码<?php eval(base64_decode( 帮忙解密下

js解密方法

md5 加密,既然无法解密,那这个加密的意义有啥呢? 对文件加密后怎么返回原值呢?