Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>I don't think this is possible...</p> <p><strong>A few pre-requisite questions:</strong></p> <ul> <li>Are you sure you have decrypted the string correctly, with the correct <code>MachineKey</code> value and decryption algorithm? I know ASP.NET 1.0 used 3DES but newer versions generally use AES by default.</li> <li>Why are you accessing this data in the first place? The <code>FormsAuthenticationTicket</code> was not intended to be "broken", and if you were going to access these values from a different language you may consider rolling your own scheme.</li> </ul> <p><strong>Some noteworthy observations:</strong></p> <p>Buried <code>in FormsAuthentication.Decrypt()</code> is a call to <code>UnsafeNativeMethods.CookieAuthParseTicket(...)</code>. Here is the signature:</p> <pre><code>[DllImport("webengine.dll", CharSet=CharSet.Unicode)] internal static extern int CookieAuthParseTicket(byte[] pData, int iDataLen, StringBuilder szName, int iNameLen, StringBuilder szData, int iUserDataLen, StringBuilder szPath, int iPathLen, byte[] pBytes, long[] pDates); </code></pre> <p>This parses what looks to be a byte array returned from <code>MachineKeySection.HexStringToByteArray()</code> (apparently a function that appears to decode the string using UTF-8) into the individual members of the <code>FormsAuthenticationTicket</code>.</p> <p>I can only assume that no matter which decoding method you use (ASCII, UTF-16, etc.) you're not going to get the data back unless you know Microsoft's implementation hidden in this native method.</p> <p><a href="http://msdn.microsoft.com/en-us/library/ms998288.aspx#paght000007_formsauthenticationtickets" rel="nofollow noreferrer">MSDN</a> may also offer some help.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload