3
votes

I am writing a login system that will log in against a DotNetNuke application's database. I have access to the database and can read the PasswordSalt in the aspnet_Membership table. Hence I will have as inputs:

  1. user's password (submitted by form)
  2. user's salt (I can look up)

and I must produce as output the hashed Password. The PasswordFormat=2, which is "Encrypted". However, I have not been able to find details of the encryption algorithm being used, so that I can rewrite it in my own application. So far, my research has led be to this page:

http://msdn.microsoft.com/en-us/library/aa478949.aspx

and also this SO post, which has the following formula in one of the comments:

Convert.ToBase64String((new Rfc2898DeriveBytes(YourPWD, YourSALT)).GetBytes(20))

However, this formula does not appear to work on my test data, which has the following inputs and outputs:

  1. password: 888888
  2. salt: ahEvjCX3FM04S5cSi1qdHA==
  3. hashed password: y3rxLUDYdj1/+IGC94/tvW6M3pQTCi/9bq1cNOUgYlM=

You can see my test here: http://ideone.com/EClO2

using System;
using System.Security.Cryptography;
 
public class Test
{
        public static void Main()
        {
                Console.WriteLine(Convert.ToBase64String((new Rfc2898DeriveBytes("888888", System.Convert.FromBase64String("ahEvjCX3FM04S5cSi1qdHA=="))).GetBytes(20)));
        }
}

Thanks for any help!

UPDATE

Answered here: ASP.NET MembershipProvider -- How exactly does it do encryption?

1
Encryption is not Hashing, you will need to generate a encrypted version (maybe try triple DES) - V4Vendetta
Can you be more specific. I tried applying triple DES to both "pw + hash" and "hash + pw", and base64 encoding the result, and it did not match. I need to know exactly what DNN is doing internally. - Jonah
I meant Triple DES is type of encryption try that instead of Base64 - V4Vendetta
Base64 is just an encoding. Salts and hashes are usually encoded that way so they are more readable. In any case, if you have a specific idea, please post the code you'd like me try. Thanks. - Jonah
From what I've read, DNN uses the SqlMembershipProvider class. You can use that to decrypt the password. I would recommend actually hashing it. Read this - NullUserException

1 Answers

0
votes

Looking at the source code, they have a class called AspNetMembershipProvider which has a method called UserLogin. UserLogin calls a private method called ValidateUser which in turn uses the ASP.NET Membership provider so it actually calls this method Membership.ValidateUser internally.

So if you call the same method with the username and password, the membership provider will take care of the password hashing and return a boolean value indicating whether the password matches.