Penetration Testing mailing list archives
Oracle AUTH_PASSWORD string
From: "P. Entester" <pentest__ () hotmail com>
Date: Thu, 01 Dec 2005 13:19:27 +0400
Hello gentlemen,I am looking for pointers on information showing me how to decypher AUTH_PASSWORD strings, which look like some kind of hash to me. The rest of the traffic is clear text however, including the SQL queries and answers.
I captured a few megs of Oracle traffic and want to be able to show the customer the importance of encrypting Oracle traffic on their network.
Since i am new to pentesting Oracle databases and analyzing Oracle traffic, i guess some basic guide on Oracle dialog interpretatino would best fit the purpose.
Thanks in advance, Peter. _________________________________________________________________FREE pop-up blocking with the new MSN Toolbar - get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Oracle AUTH_PASSWORD string P. Entester (Dec 01)
- Re: Oracle AUTH_PASSWORD string David Cravshaw (Dec 01)
- Re: Oracle AUTH_PASSWORD string Joshua Wright (Dec 01)
- Re: Oracle AUTH_PASSWORD string Byron Sonne (Dec 01)