Full Disclosure mailing list archives
Re: HOWTO: Crack Oracle Security like a peanut?
From: Fabien Kraemer <fabien.kraemer () gmail com>
Date: Thu, 25 Aug 2005 14:23:39 +0200
Now i need a beer ;) On 8/25/05, Simon Marechal <simon () lab b-care net> wrote:
Jeroen wrote:I can reproduce the things mentioned for user/pass-combinations sized 64 bits. For larger combinations (> 64 bits ---> 2 or more 64 bits DES blocks) I can't figure out yet how things work. Have some of you guys 'n girls already played around with this description? And are you willing to share results? Thanks, JeroenAFAIK, it works this way: * usernames and password are concatenated in a string s * s is converted to unicode * it is encrypted using des ncbc mode, with key 0x123456789abcdef, and initialization vector 0 * the same string is encrypted again using the updated initialization vector as a key, with another null initialization vector * the updated initialization vector is the hash Attached is the corresponding john plugin. It is somehow like the mscash plugin in the sense that it uses usernames, that means it wont work properly out of the box, manual tweaking is required. Bob the Butcher will provide this cipher by default when it ships. At least it is way better than those SQL password checking scripts. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- HOWTO: Crack Oracle Security like a peanut? Jeroen (Aug 24)
- Re: HOWTO: Crack Oracle Security like a peanut? Simon Marechal (Aug 25)
- Re: HOWTO: Crack Oracle Security like a peanut? Fabien Kraemer (Aug 25)
- Re: HOWTO: Crack Oracle Security like a peanut? Simon Marechal (Aug 25)