Penetration Testing mailing list archives
Re: Oracle hash-list?
From: James Hackett <jamespeterhackett () yahoo co uk>
Date: Mon, 21 Mar 2005 16:08:03 +0000 (GMT)
Check out this article http://international.visa.com/av/alliances/sai/alliances/pdf/Encrypting_Data_in_Oracle.pdf or a brute forcer, of some kind within SQL http://www.password-crackers.com/crack2.html if DES or some description were would the salt value be stored within the database ??? it would have to be within the database tables some where ????? --- Nexus <nexus () patrol i-way co uk> wrote:
Jeroen wrote:Steven DeFord<mailto:security.willworker () gmail com> wrote:1) What's the hashing algorithm?Unknown, it's proprietary.Adding to that, it's also aggressively defended by Oracle - I know of two occasions in which a legal Cease & Desist has been fired off... If there are such hash related tools out there, don't expect anyone to advertise the fact. Cheers.
Current thread:
- Oracle hash-list? Jeroen (Mar 15)
- Re: Oracle hash-list? Pieter Danhieux (Mar 16)
- Re: Oracle hash-list? Steven DeFord (Mar 16)
- Re: Oracle hash-list? Joshua Wright (Mar 21)
- Re: Oracle hash-list? Steven DeFord (Mar 16)
- <Possible follow-ups>
- Re: Oracle hash-list? Jeroen (Mar 16)
- Re: Oracle hash-list? Nexus (Mar 21)
- RE: Oracle hash-list? McAllister, Andrew (Mar 21)
- Re: Oracle hash-list? James Hackett (Mar 21)
- Re: Oracle hash-list? Pieter Danhieux (Mar 16)