Penetration Testing mailing list archives
Re: Oracle AUTH_PASSWORD string
From: Joshua Wright <jwright () hasborg com>
Date: Thu, 01 Dec 2005 10:50:03 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Peter, P. Entester wrote:
I am looking for pointers on information showing me how to decypher AUTH_PASSWORD strings, which look like some kind of hash to me. The rest of the traffic is clear text however, including the SQL queries and answers.
Maybe you can provide some examples? I'm not sure what data you are looking at from your message. - -Josh -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) iD8DBQFDjxtbTS8i9jZYpL8RAsJPAKCF0uamK5eKlHZm+4GMzSxi3RCr7gCgnyCI MOa9jDht9fR7S9XPPYHuJlM= =MRNA -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Oracle AUTH_PASSWORD string P. Entester (Dec 01)
- Re: Oracle AUTH_PASSWORD string David Cravshaw (Dec 01)
- Re: Oracle AUTH_PASSWORD string Joshua Wright (Dec 01)
- Re: Oracle AUTH_PASSWORD string Byron Sonne (Dec 01)