lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: 23 Aug 2005 12:15:32 -0000
From: ak@...-database-security.com
To: bugtraq@...urityfocus.com
Subject: Oracle Password Checker


Hello Bugtraq-Reader

we have implemented a free dictionary based Oracle password checker 
for Oracle databases called checkpwd 1.0. This is a useful tool for DBAs to 
identify Oracle accounts with weak or default passwords.

Details & Download
http://www.red-database-security.com/software/checkpwd.html


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Usage with Oracle database connect (requires installed Oracle client)

C:\>checkpwd system/strongpw@...abase password_list.txt

Checkpwd 1.00 - (c) 2005 by Red-Database-Security GmbH

initializing Oracle client library
connecting to the database
retrieving users and password hash values
opening weak password list file
reading weak passwords list
checking passwords
SYSTEM OK
SYS OK
MGMT_VIEW OK
DBSNMP OK
SYSMAN OK
KORNBRUST OK
INTERNET_APPSERVER_REGISTRY has weak password INTERNET_APPSERVER_REGISTRY
WIRELESS has weak password WIRELESS
PORTAL_APP has weak password PORTAL
PORTAL_PUBLIC has weak password PORTAL
WCRSYS has weak password WCRSYS
UDDISYS has weak password UDDISYS

Done. Summary:
Passwords checked : 13230016
Weak passwords found : 6
Elapsed time (min:sec) : 1:42
Passwords / second : 138152

 

Usage standalone

c:\>checkpwd SCOTT:F894844C34402B67 default_passwords.txt
Checkpwd 1.00 - (c) 2005 by Red-Database-Security GmbH

opening weak password list file
reading weak passwords list
checking passwords
SCOTT has weak password TIGER

Done. Summary:
Passwords checked : 595
Weak passwords found : 1
Elapsed time (min:sec) : 0:0
Passwords / second : 595
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Regards

 Alexander Kornbrust
 ak at red-database-security.com 

 Red-Database-Security GmbH
 http://www.red-database-security.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ