How to decrypt Authentication Cookie From Javascript

Question

Say I have some Form's authentication Cookie:

FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
  "TESTTEST",
  DateTime.Now,
  DateTime.Now.AddMinutes(30),
  false,
  String.Empty,
  FormsAuthentication.FormsCookiePath);

Normally in C# we can decrypt this like so:

var authToken = FormsAuthentication.Decrypt(authCookie.Value);

I'm creating a tool for testing an I want to decrypt the cookie on the client-side.

If my machine key is: GHFDK45sDFGSKj234 How can I decrypt the Authentication from Javascript?

First you need to know the algorithm that the forms authentication [is using](http://stackoverflow.com/questions/1642598/what-encryption-method-does-the-net-formsauthentication-encrypt-method-use). Then you need to find a javascript library that can decrypt that algorithm. — Callback Kid, May 10 '17 at 18:48
Thanks, I was trying to find that, so you can specify the encryption, and it defaults to SHA1 — johnny 5, May 10 '17 at 18:50
@CallbackKid if you post that as an answer I'll mark it correct — johnny 5, May 10 '17 at 18:50
no answers so far http://stackoverflow.com/questions/9651618/decode-sha1-using-javascript — Vinod Srivastav, May 10 '17 at 19:02
@VinodSrivastav yeah that was my mistake the SHA-1 is for tampervalidation, I think the encryption is AES — johnny 5, May 10 '17 at 19:08

score 1 · Accepted Answer · edited May 23 '17 at 12:18

1

First you need to know the algorithm that the forms authentication is using. Then you need to find a javascript library that can decrypt that algorithm

edited May 23 '17 at 12:18

Community

1
1

answered May 10 '17 at 19:09

Callback Kid

708
5
22

Is this cookie even javascript accessible? Do we really want to have the machine keys available to a web client? – Mad Myche May 10 '17 at 19:48
@MadMyche He says he's creating a testing tool. I doubt this will be in his production environment – Callback Kid May 11 '17 at 15:50

How to decrypt Authentication Cookie From Javascript

1 Answers1