Oracle AUTH_PASSWORD string

["P. Entester" <pentest__ () hotmail com>]

Hello gentlemen,

I am looking for pointers on information showing me how to decypher 
AUTH_PASSWORD strings, which look like some kind of hash to me. The rest of 
the traffic is clear text however, including the SQL queries and answers.

I captured a few megs of Oracle traffic and want to be able to show the 
customer the importance of encrypting Oracle traffic on their network.

Since i am new to pentesting Oracle databases and analyzing Oracle traffic, 
i guess some basic guide on Oracle dialog interpretatino would best fit the 
purpose.

Thanks in advance,

Peter.

_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar - get it now! 
http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------