I needed to decrypt ASP.Net membership provider user password. These password are stored in [dbo].[aspnet_Membership] database. I wrote below code to do the decryption for me .

using System;
using System.Text;
using System.Web.Security;

namespace RetreivePassword
{
public class NetFourMembershipProvider : SqlMembershipProvider
{
public string GetClearTextPassword(string encryptedPwd)
{
byte[] encodedPassword = Convert.FromBase64String(encryptedPwd);
byte[] bytes = this.DecryptPassword(encodedPassword);
if (bytes == null)
{
return null;
}
return Encoding.Unicode.GetString(bytes, 0x10, bytes.Length - 0x10);

}
}
class Program
{
static void Main(string[] args)
{
var passwordManager = new NetFourMembershipProvider();
Console.WriteLine("Enter encrypted password");
var cryptedPassword = Console.ReadLine();
var clearPWd = passwordManager.GetClearTextPassword(cryptedPassword);//"6UQE1J9ekT3MYNGwT/ncuaRkxJPvHCuoQksduEu6CB/4/06QerERTzlF8WQ2nGAh");
Console.WriteLine("Plain Password : "+clearPWd);
Console.ReadKey();

}
}
}

/* Add below config into your app.config file and update machinkey with valid key through which
* the Password was encrypted at first place




*/

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>