[<prev] [next>] [day] [month] [year] [list]
Message-ID: <42C2AD11.9000502@hasborg.com>
Date: Wed, 29 Jun 2005 10:15:45 -0400
From: Joshua Wright <jwright@...borg.com>
To: bugtraq@...urityfocus.com
Subject: Auditing Privilged Oracle Passwords - hashattack
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I've put together a tool that can be used to build a table of Oracle
password hashes from a dictionary file for a designated username.
Hashes are calculated by creating a user account similar to the
target account to be audited and repeatedly changing the password
with "ALTER USER" for each dictionary word, storing the hash for each
password in a table.
Once the table of hashes is built, a simple SELECT can be issued to
determine if the password hash for a target user is a simple
dictionary word:
SQL> select h.username, h.password, h.hash
2 from hashattack h, dba_users d
3 where d.password = h.hash and h.username = 'SYS';
USERNAME PASSWORD HASH
- ---------- -------------------- --------------------
SYS KILTPLEAT 2BBDC477FFB28563
SQL>
Written in PL/SQL, available at
http://802.11ninja.net/code/hashattack-0.1.tgz,
http://802.11ninja.net/code/hashattack-0.1.tgz.asc
Comments, questions, concerns welcome.
- -Josh
- --
- -Joshua Wright
jwright@...borg.com
2005-2006 pgpkey: http://802.11ninja.net/pgpkey.htm
fingerprint: F00E 7A42 8375 0C55 964F E5A4 4D2F 22F6 3658 A4BF
Today I stumbled across the world's largest hotspot. The SSID is "linksys".
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCwq0QTS8i9jZYpL8RApOqAKCnTqrAwCaqKT3KALl0b8CDRo9I0QCfRKnB
LcY+tDFFcNAeMbsIg7YWe88=
=L/x5
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists