For those who are very concerned about the security of Oracle relational database systems, especially those that involve Oracle password mechanisms or algorithms, the old version of Oracle (especially 10 Gb or earlier versions) it has always been regarded as an easy target for hackers. It seems that you will never find a way to protect your system from hacker attacks. You can arm your system in many ways, but there are things you can never avoid. For example, there are always people who need to be able to access and access sensitive data, most client connections also involve data transmission over the network.
Sometimes the database administrator has to use the "hacker" password cracking Technique to solve the problem. You will ask, how can a database administrator have all the keys in the database and become a hacker? Because the ability to access all data does not mean that you can view all the data. In particular, the ability to view the hash value of a password does not mean that the password itself can be viewed.
Why does the database administrator want to see the actual password value? More specifically, why does the database administrator want to know the plaintext of a specific password? As you can imagine, this is indeed the case in many cases. Common reasons include the use of old application products, high-frequency personnel transfer, and poor password management and archiving. Changing the password of SYS and SYSTEM is usually not a big problem, but what if it is an OLD_APP password?
Search for "Oracle password cracking tools" on the Internet, and you will find many "Good things" and even self-made software similar to hacker programs. This article selects Laszlo Toth's woraauthbf tool, from the following link (http://www.soonerorlater.hu/index.khtml? Article_id = 513) can be viewed and downloaded. This program can meet the needs of this article. You can use woraauthbf to create a text file that includes the user name, hash password value, SID, and server name to deal with the old version of Oracle. Only the user name and hash password values are true. If you have thoroughly studied how Oracle creates hash values, you will surely know that the user name and password are closely linked, and there is no relationship between SID and server name and hash value creation. Other "cracking" programs rely on network information, such as clients, Server IP addresses, ports, and third-party "sniffer" tools, to view the data transmitted between the client and the server.
Enter the instance quickly. Copy the output result of the following command to a txt file, and create the password file mentioned above.
Select username |: | password |: | name |: | host_name |:
From sys. dba_users, sys. V _ $ DATABASE, sys. v _ $ instance;
Remind me again that the above name and host_name are whatever you want to obtain, or use real values. The output text file in this example is as follows:
SCOTT: DE59105EDBF4A687: ORCL: MYPC:
We know that the password of Oracle test user Scott is tiger, here is tigers (the final result is TIGERS, Oracle case-insensitive), from 5 to 6 characters. Decompress the downloaded woraauthbf file, open the command prompt line (DOS) window, and call this tool from here. Save the password file name as "named password_file.txt". Enter the following command line text:
Woraauthbf.exe-p c: password_file.txt
All parameters are selected by default. After the session is executed, the output result is as follows:
C: [my path]> woraauthbf.exe-p c: password_file.txt
Usernames will be permuted!
The number of processors: 2
Number of pwds to check: 321272406
Number of pwds to check by thread: 160636203
Password file: c: password_file.txt, charset: alpha, maximum length: 6, type: hash
Start: 0 End: 160636203
Start array thread with 489 number of passwords!
Start: 160636203 End: 321272406
Writing session files...
Writing session files...
Password found: SCOTT: TIGERS: ORCL: MYPC
Elpased time: 164 s
Checked passwords: 153976754
Password/Second: 938882