I found myself having to access as administrator a site built with DotNetNuke Hosting without knowing the password or being able to reach the person who created it. What was I to do?

 

1. Create a new website (I am using C# here) in Visual Studio

2. In the new site's web.config file, add the machineKey element and set “validationKey” and “decryptionKey” to the values found in the web.config file of the running DNN site, since those are the keys its stored passwords were encrypted with. (The keys shown here work with the sample password given in step 5.)

<machineKey validationKey="5D47DA8BBE8C9D02378BC3360FD6724A43C69016" decryptionKey="F5292CB499D6A71955A7B389BFBF3712D0A48D1971DEE889" decryption="3DES" validation="SHA1" />

3. Create a new class and name it, “RecoverPassword.cs”

 using System; 
 using System.Configuration.Provider; 
 using System.Text; 
 using System.Web.Security; 
 public class RecoverPassword : MembershipProvider { 
   //Create a static instance of this class as a singelton  
   private static readonly RecoverPassword _instance = new RecoverPassword(); 
   public override MembershipPasswordFormat PasswordFormat { 
     get { 
       return MembershipPasswordFormat.Encrypted; 
     }   
   }  
   public static string RecoverEncryptedString(string target)   
   {     
     try     
     {       
       // Decode the password in Base64       
       byte[] data = Convert.FromBase64String(target); 
       //Get advantage of the DecryptPassword method 
       byte[] decryptedPassword = _instance.DecryptPassword(data); 
       string encodedPassword = Encoding.Unicode.GetString(decryptedPassword); 
       // Remove the salt value prepended to the value 
       // Salt value doesn''t do anything more than being appended to thte password string, just strip it out 
       return encodedPassword.Substring(8); 
     } 
     catch (ProviderException ex) 
     { 
       throw ex; 
     } 
   } 
   public override string ApplicationName 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
     set 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override bool ChangePassword(string username, string oldPassword, string newPassword) { 
     throw new NotImplementedException(); 
   } 
   public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string 
 newPasswordAnswer) 
   { 
     throw new NotImplementedException(); 
   } 
   public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, 
 bool isApproved, object providerUserKey, out MembershipCreateStatus status) 
   { 
     throw new NotImplementedException(); 
   } 
   public override bool DeleteUser(string username, bool deleteAllRelatedData) 
   { 
     throw new NotImplementedException(); 
   } 
   public override bool EnablePasswordReset 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override bool EnablePasswordRetrieval 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords) 
   { 
     throw new NotImplementedException(); 
   } 
   public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords) 
   { 
     throw new NotImplementedException(); 
   } 
   public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords) 
   { 
     throw new NotImplementedException(); 
   } 
   public override int GetNumberOfUsersOnline() 
   { 
     throw new NotImplementedException(); 
   } 
   public override string GetPassword(string username, string answer) 
   { 
     throw new NotImplementedException(); 
   } 
   public override MembershipUser GetUser(string username, bool userIsOnline) 
   { 
     throw new NotImplementedException(); 
   } 
   public override MembershipUser GetUser(object providerUserKey, bool userIsOnline) 
   { 
     throw new NotImplementedException(); 
   } 
   public override string GetUserNameByEmail(string email) 
   { 
     throw new NotImplementedException(); 
   } 
   public override int MaxInvalidPasswordAttempts 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override int MinRequiredNonAlphanumericCharacters 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override int MinRequiredPasswordLength 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override int PasswordAttemptWindow 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override string PasswordStrengthRegularExpression 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override bool RequiresQuestionAndAnswer 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override bool RequiresUniqueEmail 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override string ResetPassword(string username, string answer) 
   { 
     throw new NotImplementedException(); 
   } 
   public override bool UnlockUser(string userName) 
   { 
     throw new NotImplementedException(); 
   } 
   public override void UpdateUser(MembershipUser user) 
   { 
     throw new NotImplementedException(); 
   } 
   public override bool ValidateUser(string username, string password) 
   { 
     throw new NotImplementedException(); 
   } 
 }

4. Copy and paste the following code into the class created above. The class inherits from the ASP.NET MembershipProvider base class, so it can use that class's decryption routine to decrypt the passwords. This only applies to passwords stored in the Encrypted format; passwords stored as Hashed cannot be decrypted this way. If you prefer to write the class by hand, remember that Ctrl+K+M is a handy shortcut for generating the base class method stubs, which saves quite a bit of effort.

 using System; 
 using System.Configuration.Provider; 
 using System.Text; 
 using System.Web.Security; 
 public class RecoverPassword : MembershipProvider { 
   //Create a static instance of this class as a singelton  
   private static readonly RecoverPassword _instance = new RecoverPassword(); 
   public override MembershipPasswordFormat PasswordFormat { 
     get { 
       return MembershipPasswordFormat.Encrypted; 
     }   
   }  
   public static string RecoverEncryptedString(string target)   
   {     
     try     
     {       
       // Decode the password in Base64       
       byte[] data = Convert.FromBase64String(target); 
       //Get advantage of the DecryptPassword method 
       byte[] decryptedPassword = _instance.DecryptPassword(data); 
       string encodedPassword = Encoding.Unicode.GetString(decryptedPassword); 
       // Remove the salt value prepended to the value 
       // Salt value doesn''t do anything more than being appended to thte password string, just strip it out 
       return encodedPassword.Substring(8); 
     } 
     catch (ProviderException ex) 
     { 
       throw ex; 
     } 
   } 
   public override string ApplicationName 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
     set 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override bool ChangePassword(string username, string oldPassword, string newPassword) { 
     throw new NotImplementedException(); 
   } 
   public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string 
 newPasswordAnswer) 
   { 
     throw new NotImplementedException(); 
   } 
   public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, 
 bool isApproved, object providerUserKey, out MembershipCreateStatus status) 
   { 
     throw new NotImplementedException(); 
   } 
   public override bool DeleteUser(string username, bool deleteAllRelatedData) 
   { 
     throw new NotImplementedException(); 
   } 
   public override bool EnablePasswordReset 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override bool EnablePasswordRetrieval 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords) 
   { 
     throw new NotImplementedException(); 
   } 
   public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords) 
   { 
     throw new NotImplementedException(); 
   } 
   public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords) 
   { 
     throw new NotImplementedException(); 
   } 
   public override int GetNumberOfUsersOnline() 
   { 
     throw new NotImplementedException(); 
   } 
   public override string GetPassword(string username, string answer) 
   { 
     throw new NotImplementedException(); 
   } 
   public override MembershipUser GetUser(string username, bool userIsOnline) 
   { 
     throw new NotImplementedException(); 
   } 
   public override MembershipUser GetUser(object providerUserKey, bool userIsOnline) 
   { 
     throw new NotImplementedException(); 
   } 
   public override string GetUserNameByEmail(string email) 
   { 
     throw new NotImplementedException(); 
   } 
   public override int MaxInvalidPasswordAttempts 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override int MinRequiredNonAlphanumericCharacters 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override int MinRequiredPasswordLength 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override int PasswordAttemptWindow 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override string PasswordStrengthRegularExpression 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override bool RequiresQuestionAndAnswer 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override bool RequiresUniqueEmail 
   { 
     get 
     { 
       throw new NotImplementedException(); 
     } 
   } 
   public override string ResetPassword(string username, string answer) 
   { 
     throw new NotImplementedException(); 
   } 
   public override bool UnlockUser(string userName) 
   { 
     throw new NotImplementedException(); 
   } 
   public override void UpdateUser(MembershipUser user) 
   { 
     throw new NotImplementedException(); 
   } 
   public override bool ValidateUser(string username, string password) 
   { 
     throw new NotImplementedException(); 
   } 
 } 

5. Your Default.aspx.cs file should look like this (replace the password in Page_Load with the password you want to decipher):

 using System; 
 public partial class _Default : System.Web.UI.Page { 
   protected void Page_Load(object sender, EventArgs e)     
   { 
      //This password can be obtained from the DNN''s table aspnet_Membership column "Password"    
      //Or you can query ther datbase row and call decryption method for each user    
      string password = "vhicPWw3Eo/+z+mrKM5ZQCIcURj1O5Cq9Epw942lfpmsDPagupzLGw=="; 
     //Call our inherited class to get Decrypted Password    
     string recoveredPassword = RecoverPassword.RecoverEncryptedString(password); 
     //Write down the decrypted password       
    Response.Write(recoveredPassword);  
   } 
 } 

6. Right-click > View in Browser and the password is decrypted on the fly.