Brute-force Oracle password cracking with Orabrute (1)

Source: Internet
Author: User

1. A standard Oracle password can consist of letters, numbers, and the characters #, underscore (_), and dollar sign ($). The maximum password length is 30 characters. The password cannot start with "$", "#", "_" or a number, and it cannot contain Oracle/SQL keywords such as "SELECT", "DELETE" or "CREATE".

2. Oracle's weak password hashing mechanism: if the same username and password are stored on two different Oracle Database machines, they produce the same hash value. These hash values are stored in the SYS.USER$ table, which can be accessed through views such as DBA_USERS.

3. In the default Oracle configuration, an account is locked after 10 failed logon attempts. However, the SYS account has the highest permissions in an Oracle database and can do anything, including starting and stopping the database. Even if SYS is locked, it can still access the database.

From point 3 above, we can see that the best account for remote Oracle cracking is SYS, because this account is always valid. In versions earlier than Oracle 10g, the installer does not prompt you to change the default SYS password. Oracle 10g does prompt you to change the password, but it does not check the password's complexity.

You can use the Orabrute tool for remote cracking. SQL*Plus must be installed before you use this tool.

The principle is very simple: SQL*Plus is called repeatedly to attempt authentication. The account is SYS, and the passwords tried are the words in password.txt. Once a logon succeeds, the selectpassword.sql script is called to capture the hash values of other users from the SYS.USER$ table, and then the program exits. Note that before you run Orabrute a second time, you need to delete or move the thepasswordsarehere.txt and output.txt files that the previous run generated in the same directory.
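Because the lockout in point 3 does not stop guessing against SYS, this pattern has to be caught by monitoring logon failures. The following detection sketch is an added example, not part of the original article or of Orabrute; the record layout (time,user,client,returncode), the function name and the thresholds are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records (not real audit data): time,user,client,returncode.
# returncode 1017 = ORA-01017 (invalid username/password), 0 = successful logon.
SAMPLE_LOG = """\
2024-05-01T10:00:00,SYS,192.0.2.5,1017
2024-05-01T10:00:01,SYS,192.0.2.5,1017
2024-05-01T10:00:02,SYS,192.0.2.5,1017
2024-05-01T10:00:03,SYS,192.0.2.9,1017
2024-05-01T10:00:03,SYS,192.0.2.5,1017
2024-05-01T10:00:04,SYS,192.0.2.5,1017
2024-05-01T10:00:05,SYS,192.0.2.5,1017
2024-05-01T10:00:06,SYS,192.0.2.5,0
2024-05-01T10:09:00,SYS,192.0.2.9,0
"""

FAILED_LOGON = 1017

def find_sys_guessing(log_text, threshold=5, window=timedelta(seconds=60)):
    """Alert on clients with >= threshold failed SYS logons inside window.

    Each alert also records whether a successful SYS logon from the same
    client followed the burst, which is the case to escalate first.
    """
    recent = defaultdict(deque)  # client -> timestamps of recent failures
    alerts = {}                  # client -> alert record
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts_s, user, client, rc = [f.strip() for f in line.split(",")]
        if user.upper() != "SYS":
            continue
        ts, rc = datetime.fromisoformat(ts_s), int(rc)
        if rc == FAILED_LOGON:
            q = recent[client]
            q.append(ts)
            while ts - q[0] > window:  # drop failures older than the window
                q.popleft()
            if client in alerts:
                alerts[client]["failures"] += 1
            elif len(q) >= threshold:
                alerts[client] = {"client": client, "first_seen": q[0],
                                  "failures": len(q), "success_after": False}
        elif rc == 0 and client in alerts:
            alerts[client]["success_after"] = True
    return list(alerts.values())
```

A single mistyped password followed by a normal logon, as from 192.0.2.9 in the sample, stays below the threshold and raises no alert.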

Orabrute: http://www.ngssoftware.com/research/papers/oraclepasswords.zip

Orabrute official documentation: http://www.ngssoftware.com/research/papers/oraclepasswords.pdf

