| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Aug 25 12:49:48 2005 From: simon at lab.b-care.net (Simon Marechal) Subject: HOWTO: Crack Oracle Security like a peanut? Jeroen wrote: > I can reproduce the things mentioned for user/pass-combinations sized 64 > bits. For larger combinations (> 64 bits ---> 2 or more 64 bits DES blocks) > I can't figure out yet how things work. Have some of you guys 'n girls > already played around with this description? And are you willing to share > results? > > Thanks, > > Jeroen AFAIK, it works this way: * usernames and password are concatenated in a string s * s is converted to unicode * it is encrypted using des ncbc mode, with key 0x123456789abcdef, and initialization vector 0 * the same string is encrypted again using the updated initialization vector as a key, with another null initialization vector * the updated initialization vector is the hash Attached is the corresponding john plugin. It is somehow like the mscash plugin in the sense that it uses usernames, that means it wont work properly out of the box, manual tweaking is required. Bob the Butcher will provide this cipher by default when it ships. At least it is way better than those SQL password checking scripts. -------------- next part -------------- A non-text attachment was scrubbed... Name: oracle_fmt.c Type: text/x-csrc Size: 5401 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050825/f85ff3df/oracle_fmt.bin
Powered by blists - more mailing lists