DBAs do bad things by stealing Oracle user identities

DBA manages all the data in the database. However, it is not convenient to use the Administrator identity for some data operations due to audit or other reasons, however, you do not know the user password of the Oracle user, because the Oracle user password is encrypted. There is no way to use another Oracle user identity to play with the password without having to know the password. After the password is completed, how can I return it? Of course there is a way. Let's see how it works.

The example was tested with 8i, but there is a new change in the 11g version. The password encryption string is put in user $ and needs to be found in user $:

SQL> select * from v $ version;
/C clsBANNER
----------------------------------------------------------------
Oracle8i Enterprise Edition Release 8.1.7.0.0-Production
PL/SQL Release 8.1.7.0.0-Production
CORE 8.1.7.0.0 Production
TNS for 32-bit Windows: Version 8.1.7.0.0-Production
NLSRTL Version 3.4.1.0.0-Production

SQL> create user test identified by test;

User Created

SQL> SELECT password FROM dba_users WHERE username = 'test ';
/C clsPASSWORD
------------------------------
7A0F2B316C212D67

SQL> alter user test identified by newpwd;

The user has changed.

SQL> SELECT password FROM dba_users WHERE username = 'test ';
/C clsPASSWORD
------------------------------
201797952bfee21c3

SQL> grant connect, resource to test;

Authorization successful.

A test user is created above. The original password is test and then changed to newpwd. Note that the encrypted string of the test password is "7a0f2b1_c212d67 ".

Start another session to test the connection:

C: \> sqlplus/nolog

SQL * Plus: Release 8.1.7.0.0-Production on Thursday March 13 15:37:54 2014

(C) Copyright 2000 Oracle Corporation. All rights reserved.

SQL> connect test/test @ xcldb
ERROR:
ORA-01017: invalid username/password; logon denied

SQL> connect test/newpwd @ xcldb
ERROR:
ORA-01045: user TEST lacks create session privilege; logon denied

SQL> connect test/newpwd @ xcldb
Connected.
SQL> disconnect;

Verify that the new password is valid.

Change the password to the old "test.

The magic password string comes back.

Test again:

SQL> disconnect;
From Oracle8i Enterprise Edition Release 8.1.7.0.0-Production
With the Partitioning option
JServer Release 8.1.7.0.0-Production disconnected
SQL> connect test/newpwd @ xcldb
ERROR:
ORA-01017: invalid username/password; logon denied

SQL> connect test/test @ xcldb
Connected.
SQL>

Well, you can use the old password "test" to log on again.

This technique is just for fun.