公司做的系统是给某公司内网的系统。做了一个渗透测试。提出一点漏洞,关于用户名和密码在传输中是用明文传输的,但后台接到后已经做了MD5加密进行校验而且还是内网,一般这个是没问题的。但提出了漏洞就改呗,加个密。思路是前端加密,后端解密。
前端
<script src="<c:url value='/scripts/base64.js'/>"></script>
base64.js:function submitForm(){ var abc=document.getElementById("submit"); abc.disabled=true; var str1=document.getElementById('j_username').value.trim(); var str2=document.getElementById('j_password').value.trim(); var result = Base.encode(str1); document.getElementById('j_username').value=result; var res = Base.encode(str2); document.getElementById('j_password').value=res; loginForm.submit(); }
//base64加密 解密 /* //1.加密 var result = Base.encode('125中文'); //--> "MTI15Lit5paH" //2.解密 var result2 = Base.decode(result); //--> '125中文' */ ~(function(root, factory) { if (typeof define === "function" && define.amd) { define([], factory); } else if (typeof module === "object" && module.exports) { module.exports = factory(); } else { root.Base = factory(); } }(this, function() { 'use strict'; function Base64() { // private property this._keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; } //public method for encoding Base64.prototype.encode = function (input) { var output = "", chr1, chr2, chr3, enc1, enc2, enc3, enc4, i = 0; input = this._utf8_encode(input); while (i < input.length) { chr1 = input.charCodeAt(i++); chr2 = input.charCodeAt(i++); chr3 = input.charCodeAt(i++); enc1 = chr1 >> 2; enc2 = ((chr1 & 3) << 4) | (chr2 >> 4); enc3 = ((chr2 & 15) << 2) | (chr3 >> 6); enc4 = chr3 & 63; if (isNaN(chr2)) { enc3 = enc4 = 64; } else if (isNaN(chr3)) { enc4 = 64; } output = output + this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) + this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4); } return output; } // public method for decoding Base64.prototype.decode = function (input) { var output = "", chr1, chr2, chr3, enc1, enc2, enc3, enc4, i = 0; input = input.replace(/[^A-Za-z0-9\+\/\=]/g, ""); while (i < input.length) { enc1 = this._keyStr.indexOf(input.charAt(i++)); enc2 = this._keyStr.indexOf(input.charAt(i++)); enc3 = this._keyStr.indexOf(input.charAt(i++)); enc4 = this._keyStr.indexOf(input.charAt(i++)); chr1 = (enc1 << 2) | (enc2 >> 4); chr2 = ((enc2 & 15) << 4) | (enc3 >> 2); chr3 = ((enc3 & 3) << 6) | enc4; output = output + String.fromCharCode(chr1); if (enc3 != 64) { output = output + String.fromCharCode(chr2); } if (enc4 != 64) { output = output + String.fromCharCode(chr3); } } output = this._utf8_decode(output); return output; } // private method for UTF-8 encoding Base64.prototype._utf8_encode = function (string) { string = string.replace(/\r\n/g,"\n"); var utftext = ""; for (var n = 0; n < string.length; n++) { var c = string.charCodeAt(n); if (c < 128) { utftext += String.fromCharCode(c); } else if((c > 127) && (c < 2048)) { utftext += String.fromCharCode((c >> 6) | 192); utftext += String.fromCharCode((c & 63) | 128); } else { utftext += String.fromCharCode((c >> 12) | 224); utftext += String.fromCharCode(((c >> 6) & 63) | 128); utftext += String.fromCharCode((c & 63) | 128); } } return utftext; } // private method for UTF-8 decoding Base64.prototype._utf8_decode = function (utftext) { var string = "", i = 0, c = 0, c1 = 0, c2 = 0, c3 = 0; while ( i < utftext.length ) { c = utftext.charCodeAt(i); if (c < 128) { string += String.fromCharCode(c); i++; } else if((c > 191) && (c < 224)) { c2 = utftext.charCodeAt(i+1); string += String.fromCharCode(((c & 31) << 6) | (c2 & 63)); i += 2; } else { c2 = utftext.charCodeAt(i+1); c3 = utftext.charCodeAt(i+2); string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63)); i += 3; } } return string; } var Base = new Base64(); return Base; }));
后端工具类:package com.sasis.util; import sun.misc.BASE64Decoder; import sun.misc.BASE64Encoder; public final class BASE64Util { /** * 采用BASE64算法对字符串进行加密 * @param base 原字符串 * @return 加密后的字符串 */ public static final String encode(String base){ return BASE64Util.encode(base.getBytes()); } /** * 采用BASE64算法对字节数组进行加密 * @param baseBuff 原字节数组 * @return 加密后的字符串 */ public static final String encode(byte[] baseBuff){ return new BASE64Encoder().encode(baseBuff); } /** * 字符串解密,采用BASE64的算法 * @param encoder 需要解密的字符串 * @return 解密后的字符串 */ public static final String decode(String encoder){ try { BASE64Decoder decoder = new BASE64Decoder(); byte[] buf = decoder.decodeBuffer(encoder); return new String(buf); } catch (Exception e) { return null; } } }
后端处理:String username1 = request.getParameter("j_username"); String password1 = request.getParameter("j_password"); log.info("用户名:"+username1); log.info("密码:"+password1); //后端解密 String username=BASE64Util.decode(username1); String password=BASE64Util.decode(password1); SimpleDateFormat sdf=new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); String time=sdf.format(new Date()); log.info("操作时间:"+time+"用户名:"+username);