On the hmailserver official forum, I found that the hmailserver account password encryption method is: generate a random 6-digit number first, called salt. Use this salt and add the password (such as the password ABCDE ), the result saltabcde is obtained. Then, the result value saltabcde is encrypted with sha256 to obtain a 64-bit password string, add salt to the front of the password string to form a 70-bit password string and store it in the data. On the official forum, you can find the PHP password modification program. It is easy to use the. NET class library sha256 for encryption. The following code is C:
Using system;
Using system. Collections. Generic;
Using system. LINQ;
Using system. Web;
Using system. Web. UI;
Using system. Web. UI. webcontrols;
Using system. Data;
Using system. Data. sqlclient;
Using system. Security. cryptography;
Using system. text;
Public partial class _ default: system. Web. UI. Page
{
Public String strinfo;
Protected void page_load (Object sender, eventargs E)
{
}
Protected void btnsubmit_click (Object sender, eventargs E)
{
Dbhelper DB = new dbhelper ();
Sqlparameter [] paras1 = new sqlparameter []
{
New sqlparameter ("@ email", sqldbtype. nvarchar, 100 ),
};
If (tbxemail. Text. Contains ("@"))
{
Paras1 [0]. value = tbxemail. Text. Trim ();
}
Else
{
Paras1 [0]. value = tbxemail. Text. Trim () + "@ myemaildomainexmple.com"; // replace it with your email address domain name.
}
String strpassword = dB. executescaler ("hm_checkaccount", paras1, commandtype. storedprocedure );
If (strpassword! = String. Empty)
{
String strsalt = strpassword. substring (0, 6 );
If (strpassword = strsalt + getsha256 (strsalt + tbxoldpassword. Text. Trim ()))
{
Sqlparameter [] paras2 = new sqlparameter []
{
New sqlparameter ("@ email", sqldbtype. nvarchar, 100 ),
New sqlparameter ("@ newpassword", sqldbtype. nvarchar, 70)
};
Paras2 [0]. value = paras1 [0]. value;
Paras2 [1]. value = strsalt + getsha256 (strsalt + tbxnewpassword1.text. Trim ());
Bool flag = dB. executenonquery ("hm_updatepassword", paras2, commandtype. storedprocedure );
If (flag = true)
{
Strinfo = "password changed! & Nbsp; <a href = \ "http://mail.yourmaildomain.com \"> login mailbox </a> ";
Phdinfo. Visible = true;
Phderr. Visible = false;
Phdmain. Visible = false;
Return;
}
Else
{
Strinfo = "system error. Modification failed! ";
Phderr. Visible = true;
Return;
}
}
Else
{
Strinfo = "the original password is incorrect! ";
Phderr. Visible = true;
Return;
}
}
Else
{
Strinfo = "the account is incorrect or does not exist! ";
Phderr. Visible = true;
Return;
}
}
Private string getsha256 (string text)
{
Byte [] hashvalue;
Byte [] Message = encoding. utf8.getbytes (text );
Sha256managed hashstring = new sha256managed ();
String hex = "";
Hashvalue = hashstring. computehash (Message );
Foreach (byte X in hashvalue)
{
Hex + = string. Format ("{0: X2}", X );
}
Return hex;
}
}