Hey all , I am passing Hashed password from a server to another physical server. I had to use the query strong
The problem is that hashed pass has special characters like linefeeds ... How can i do such thing ?
-
Follow
Oops, something didn't work.
Sign In to be begin to follow this thread
What does this mean?
Following an item on Channel 9 allows you to watch for new content and comments that you are interested in. You need to be signed in to Channel 9 to use this feature.Getting "follow" information
Start following this thread
What does this mean?
Following an item on Channel 9 allows you to watch for new content and comments that you are interested in and view them all on your notifications page.Removing your "follow"
Setting up your "follow"
Did you know you can
sign up for email notifications?
-
-
one posible way would be to encode it as base64 string using Convert class
-
I am using 2005
Can you give me a sample ? -
static void Main(string[] args)
{
string toEncode = "This will be base64 encoded!";
string encoded = Convert.ToBase64String(System.Text.Encoding.Default.GetBytes(toEncode));
Console.WriteLine(encoded);
}
Be sure to have the same Defaul Encoder where you decode the string
-
Thank you
I have been into my ears in this project, I just can see binaries now
Thanks again -
Unless you are using SSL, you realize that this is not secure? A hacker wouldn't need to do anything but capture the hash and that would be as good as having the password itself.
-
Harlequin
http://twitter.com/TrueHarlequin
dwoodard wrote:Unless you are using SSL, you realize that this is not secure? A hacker wouldn't need to do anything but capture the hash and that would be as good as having the password itself.
Yeah, if it's a form, maybe you can do a Server.Transfer or something to send the form elements somewhere else... -
sbc
GW R/Me
You can't use Server.Transfer to transfer to pages on another server AFAIK.
-
dwoodard wrote:
Unless you are using SSL, you realize that this is not secure? A hacker wouldn't need to do anything but capture the hash and that would be as good as having the password itself.
well he said "pass hashed string" not encripted string it should be a diference. The first is not necesarly secure
-
It doesn't matter if you are using HTTP GET or POST. If you are passing the hash on an un-encrypted channel, then the hash can be viewed and stolen.
All that is being hidden is the plain text password. Which means that an attacker doesn't know your password, without cracking it. But if the hash is used for authentication or re-authentication then the attacker can simply pass the stolen hash around to get access.
That is why I mentioned using SSL. -
Maurits
AKA Matthew van Eerde
Remon wrote:Hey all , I am passing Hashed password from a server to another physical server. I had to use the query strong
The problem is that hashed pass has special characters like linefeeds ... How can i do such thing ?
What kind of hash uses special characters??
Anyway, the usual way to do this is to URLEncode anything you put in the query string.
Thread Closed
This thread is kinda stale and has been closed but if you'd like to continue the conversation, please create a new thread in our Forums,
or Contact Us and let us know.