VB.Net 和 phpMyAdmin:如何在不需要用户名或密码的情况下连接到 phpMyAdmin SQL 服务器?
VB.Net and phpMyAdmin: How to connect to phpMyAdmin SQL server without needing a Username or Password?
我正在 Visual Basic .Net 上设置登录表单。我希望将此数据库托管在 Internet 上,以便人们无论身在何处都可以连接。
麻烦的是,安全。如果我的代码中有用户名和密码,我很容易被黑客攻击,而且我的程序将被破解
有什么方法可以让我使用令牌代替密码,只能通过程序本身访问?
这是我的代码:
Dim connection As New MySqlConnection("datasource=localhost;port-3306;username;whatever;password=whatever;database=whatever")
这正是我要找的东西:
Dim connection As New MySqlConnection("token=aFjiwqMF93JmHSazhH")
如果是这样,我该怎么做,我从哪里获得数据库令牌和 link?
任何能够破解你的程序的人,也更有可能拥有破解 MySQL 的知识......我知道,这不是一个答案,我花了很多周的时间来保护我的程序免受类似的攻击,然而,我后来想 'Why...?'
话虽这么说,如果您真的需要对源代码保密并删除密码,从某个地方的文本文件加载连接字符串怎么样?
简单加密见system.security.cryptography
我刚刚查了一下我的简单加密字符串的旧代码,你可以看看这个
Imports System.Security.Cryptography
Imports System.Net
Public NotInheritable Class Encryptorr
Public TDS As New TripleDESCryptoServiceProvider
Private Function EncHash(ByVal key As String, ByVal length As Integer) As Byte()
Dim enc_Sha1 As New SHA1CryptoServiceProvider
Dim keyBytes() As Byte =
System.Text.Encoding.Unicode.GetBytes(key)
Dim hash() As Byte = enc_Sha1.ComputeHash(keyBytes)
ReDim Preserve hash(length - 1)
Return hash
End Function
Sub New(ByVal key As String)
TDS.Key = EncHash(key, TDS.KeySize \ 8)
TDS.IV = EncHash("", TDS.BlockSize \ 8)
End Sub
Public Function EncryptData(ByVal plaintext As String) As String
Dim Strbytes() As Byte = System.Text.Encoding.Unicode.GetBytes(plaintext)
Dim memStr As New System.IO.MemoryStream
Dim encStream As New CryptoStream(memStr, TDS.CreateEncryptor(), System.Security.Cryptography.CryptoStreamMode.Write)
encStream.Write(Strbytes, 0, Strbytes.Length)
encStream.FlushFinalBlock()
Return Convert.ToBase64String(memStr.ToArray)
End Function
Public Function DecryptData(ByVal encryptedtext As String) As String
Try
Dim enc_Bytes() As Byte = Convert.FromBase64String(encryptedtext)
Dim mem_Str As New System.IO.MemoryStream
Dim decStream As New CryptoStream(mem_Str, TDS.CreateDecryptor(), System.Security.Cryptography.CryptoStreamMode.Write)
decStream.Write(enc_Bytes, 0, enc_Bytes.Length)
decStream.FlushFinalBlock()
Return System.Text.Encoding.Unicode.GetString(mem_Str.ToArray)
Catch ex As Exception
Return "Decryption Failed"
End Try
End Function
End Class
与
通话
Public Sub TestMe()
Dim encr As Encryptorr = New Encryptorr("AlovelyLong463728KeytoEncryptwith")
Dim encrytedstr As String = encr.EncryptData(textbox1.text)
Textbox2.text = encrytedstr
Dim decry As Encryptorr = New Encryptorr("AlovelyLong463728KeytoEncryptwith")
Dim decryptedtext As String = decry.DecryptData(Textbox2.text)
Textbox3.text = decryptedtext
End Sub
然后你可以加密和解密从文本文件中读取的字符串,虽然回到我原来的观点。如果有人可以访问程序代码,他们也可以解密...:(
依然值得深思!祝你好运
更新--
只需添加,您始终可以创建加密字符串,将其用作全局变量,并使用 decryt 函数直接作为连接字符串传递。这意味着不是将用户名和密码保存在文本文件中,您只需使用 Public Shared Constr as String = fhdasjifhn32437289cj(或任何加密字符串),连接将是 Dim Con as MySQLConnection = new MySQLConnection(DecryptMyStr(Constr)),DecryptMyStr 是解密函数
我正在 Visual Basic .Net 上设置登录表单。我希望将此数据库托管在 Internet 上,以便人们无论身在何处都可以连接。
麻烦的是,安全。如果我的代码中有用户名和密码,我很容易被黑客攻击,而且我的程序将被破解
有什么方法可以让我使用令牌代替密码,只能通过程序本身访问?
这是我的代码:
Dim connection As New MySqlConnection("datasource=localhost;port-3306;username;whatever;password=whatever;database=whatever")
这正是我要找的东西:
Dim connection As New MySqlConnection("token=aFjiwqMF93JmHSazhH")
如果是这样,我该怎么做,我从哪里获得数据库令牌和 link?
任何能够破解你的程序的人,也更有可能拥有破解 MySQL 的知识......我知道,这不是一个答案,我花了很多周的时间来保护我的程序免受类似的攻击,然而,我后来想 'Why...?'
话虽这么说,如果您真的需要对源代码保密并删除密码,从某个地方的文本文件加载连接字符串怎么样?
简单加密见system.security.cryptography
我刚刚查了一下我的简单加密字符串的旧代码,你可以看看这个
Imports System.Security.Cryptography
Imports System.Net
Public NotInheritable Class Encryptorr
Public TDS As New TripleDESCryptoServiceProvider
Private Function EncHash(ByVal key As String, ByVal length As Integer) As Byte()
Dim enc_Sha1 As New SHA1CryptoServiceProvider
Dim keyBytes() As Byte =
System.Text.Encoding.Unicode.GetBytes(key)
Dim hash() As Byte = enc_Sha1.ComputeHash(keyBytes)
ReDim Preserve hash(length - 1)
Return hash
End Function
Sub New(ByVal key As String)
TDS.Key = EncHash(key, TDS.KeySize \ 8)
TDS.IV = EncHash("", TDS.BlockSize \ 8)
End Sub
Public Function EncryptData(ByVal plaintext As String) As String
Dim Strbytes() As Byte = System.Text.Encoding.Unicode.GetBytes(plaintext)
Dim memStr As New System.IO.MemoryStream
Dim encStream As New CryptoStream(memStr, TDS.CreateEncryptor(), System.Security.Cryptography.CryptoStreamMode.Write)
encStream.Write(Strbytes, 0, Strbytes.Length)
encStream.FlushFinalBlock()
Return Convert.ToBase64String(memStr.ToArray)
End Function
Public Function DecryptData(ByVal encryptedtext As String) As String
Try
Dim enc_Bytes() As Byte = Convert.FromBase64String(encryptedtext)
Dim mem_Str As New System.IO.MemoryStream
Dim decStream As New CryptoStream(mem_Str, TDS.CreateDecryptor(), System.Security.Cryptography.CryptoStreamMode.Write)
decStream.Write(enc_Bytes, 0, enc_Bytes.Length)
decStream.FlushFinalBlock()
Return System.Text.Encoding.Unicode.GetString(mem_Str.ToArray)
Catch ex As Exception
Return "Decryption Failed"
End Try
End Function
End Class
与
通话Public Sub TestMe()
Dim encr As Encryptorr = New Encryptorr("AlovelyLong463728KeytoEncryptwith")
Dim encrytedstr As String = encr.EncryptData(textbox1.text)
Textbox2.text = encrytedstr
Dim decry As Encryptorr = New Encryptorr("AlovelyLong463728KeytoEncryptwith")
Dim decryptedtext As String = decry.DecryptData(Textbox2.text)
Textbox3.text = decryptedtext
End Sub
然后你可以加密和解密从文本文件中读取的字符串,虽然回到我原来的观点。如果有人可以访问程序代码,他们也可以解密...:(
依然值得深思!祝你好运
更新--
只需添加,您始终可以创建加密字符串,将其用作全局变量,并使用 decryt 函数直接作为连接字符串传递。这意味着不是将用户名和密码保存在文本文件中,您只需使用 Public Shared Constr as String = fhdasjifhn32437289cj(或任何加密字符串),连接将是 Dim Con as MySQLConnection = new MySQLConnection(DecryptMyStr(Constr)),DecryptMyStr 是解密函数