Re: Script suggestion - oracle

[David Fifield <david () bamsoftware com>]

On Thu, Oct 04, 2012 at 09:48:43AM +0200, Martin Holst Swende wrote:
> On 09/30/2012 05:46 AM, Dhiru Kholia wrote:
> > I have authored JtR and Ettercap plug-ins to exploit the cryptographic
> > flaw in Oracle Database authentication protocol. See
> > http://www.openwall.com/lists/john-users/2012/09/29/2
> > s 
> > ✗ ../run/john -fo:o5logon -t
> > Benchmarking: Oracle O5LOGON protocol [32/64]... DONE
> > Raw:    748982 c/s real, 754370 c/s virtual
> >
> > This is ~2.5X faster than Marcel's tool
> > (http://marcel.vandewaters.nl/oracle/security/cryptographic-flaws-in-oracle-database-authentication-protocol).
> >
> > oracle-brute.nse script is failing for me. I have sent an email to
> > Patrik (along with .pcap files) to debug the issue. Once this is
> > sorted out, I will try to figure out how do to stealth attack against
> > Oracle databases.
> I'd suggest that the we just modify the oracle-enum-users to dump out
> the salt and auth_vfr_data in a format which can be consumed by john,
> instead of actually adding password cracking. That is the same approach
> as in http-domino-enum-users, where the script output tells the user
> what jtr --format to use for the hashes.
> /Martin

Good idea, I agree with this.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/