sql - How to sha1 hash a c# login application -

-

i want make password hash password sha1 tried make passlogin = sha1(@passlogin) not working

here code

using (sqlcommand cmd = new sqlcommand("select * loginreport userlogin = @userlogin , passlogin = @passlogin", conn)) {     conn.open();      cmd.parameters.addwithvalue("@userlogin", txtuser.text);     cmd.parameters.addwithvalue("@passlogin", txtpass.text);     sqldatareader dr = cmd.executereader();     if (dr.hasrows == true)     {         messagebox.show("successfully login");         form1 formreports = new form1();                                  formreports.showdialog();         application.exit();      }     else     {         messagebox.show("check username , password again!!");     } }

it seems you're not hashing value before assigning parameter.

you may first want try hashing input string, see included code (not tested!) example how this:

public static string generatesaltedsha1(string plaintextstring) {       hashalgorithm algorithm = new sha1managed();       var saltbytes = generatesalt(4);       var plaintextbytes = encoding.ascii.getbytes(plaintextstring);        var plaintextwithsaltbytes = appendbytearray(plaintextbytes, saltbytes);       var saltedsha1bytes = algorithm.computehash(plaintextwithsaltbytes);       var saltedsha1withappendedsaltbytes = appendbytearrays(saltedsha1bytes, saltbytes);        return "{ssha}" + convert.tobase64string(saltedsha1withappendedsaltbytes); }   private static byte[] generatesalt(int saltsize) {      var rng = new rngcryptoserviceprovider();      var buff = new byte[saltsize];      rng.getbytes(buff);      return buff;  }  private static byte[] appendbytearray(byte[] bytearray1, byte[] bytearray2) {     var bytearrayresult =             new byte[bytearray1.length + bytearray2.length];      (var = 0; < bytearray1.length; i++)          bytearrayresult[i] = bytearray1[i];     (var = 0; < bytearray2.length; i++)          bytearrayresult[bytearray1.length + i] = bytearray2[i];      return bytearrayresult; }

i advise use stronger hashing algorithm sha1 since it's become easy current technology create huge rainbow tables find original string of hash. please salt hash!


Comments

Post a Comment

Popular posts from this blog

javascript - Laravel datatable invalid JSON response -

-
everything work fine on code below fetch user logs: js: <script> $(document).ready(function () { var table =$('#systemlogs').datatable({ responsive: true, processing: true, serverside: true, "language": { "url": "/datatables/media/plug-in/persian.json" }, ajax: '{!! url('/admin/systemlogs/data/systemlogsdatatable') !!}', columns: [ { data: 'name', name: 'name' }, { data: 'message_text', name: 'message_text' }, { data: 'remote_addr', name: 'remote_addr' }, { data: 'log_created_at', name: 'management_logs.created_at' }, { data: 'log_updated_at', name: 'management_logs.updated_at' }, ] }); }); </script> routes: route::get('/systemlogs/data/systemlogsdatatable','systemlogscontrolle...
Read more

java - Exception in thread "main" org.springframework.context.ApplicationContextException: Unable to start embedded container; -

-
i getting error when run spring application: exception in thread "main" org.springframework.context.applicationcontextexception: unable start embedded container; nested exception org.springframework.context.applicationcontextexception: unable start embeddedwebapplicationcontext due missing embeddedservletcontainerfactory bean. @ org.springframework.boot.context.embedded.embeddedwebapplicationcontext.onrefresh(embeddedwebapplicationcontext.java:124) @ org.springframework.context.support.abstractapplicationcontext.refresh(abstractapplicationcontext.java:476) @ org.springframework.boot.context.embedded.embeddedwebapplicationcontext.refresh(embeddedwebapplicationcontext.java:109) @ org.springframework.boot.springapplication.refresh(springapplication.java:691) @ org.springframework.boot.springapplication.run(springapplication.java:320) @ org.springframework.boot.springapplication.run(springapplication.java:952) @ org.springframework.boot.springa...
Read more

sql server 2008 - My Sql Code Get An Error Of Msg 245, Level 16, State 1, Line 1 Conversion failed when converting the varchar value '8:45 AM' to data type int -

-
msg 245, level 16, state 1, line 1 conversion failed when converting varchar value '8:45 am' data type int. script declare @specimenid bigint = 0, @script varchar(max); declare @starttime int = (select convert(int,substring(start_time,0,charindex(':', start_time)) - 12) appt appt._id=112601) --select @starttime set @script = 'select distinct ptlast_name + '', '' + pt.first_name patient_name, dbo.formatdate(pt.dob,''mm/dd/yyyy'') dob, (convert(varchar, (datediff(yy, dob, appt_date) - case when (month(dob) > month(appt_date)) or (month(dob) = month(appt_date) , day(dob) > day(appt_date)) 1 else 0 end)) + ''/'' + convert(varchar, (datediff(m, dateadd(yy, (datediff(yy, dob, appt_date) - case when (month(dob) > month(appt_date)) or (month(dob) = month(appt_date) , day(dob) > day(appt_date)) 1 else 0 end), d...
Read more