Oracle 11g Password Cracker

Posted on September 29, 2007 by Dragan Pleskonjic

Oracle 11g password algorithm is revealed. It’s based on SHA-1. The Hacker’s Choice (THC) says:

vonjeek/THC is proud to release the first full blown cracker for Oracle 11g. This tool can crack passwords which are encrypted using Oracle’s latest SHA1 based password protection algorithm.

You can download vonjeek/THC tool here. This page has an interesting title: “unbreakable” Oracle uncertified associate.

Also there is story on Pete Finnigan’s Oracle security weblog (here).

Share

About Dragan Pleskonjic

Chief Security Officer (CSO), Adjunct Professor, Security Researcher, Entrepreneur, Security Architect & Adviser, Software Development Manager, ISO 27001 Certified ISMS Lead Auditor, PCI ISA (Payment Card Industry Internal Security Assessor) More info about Dragan Pleskonjic.
This entry was posted in Database Security and tagged , , , , . Bookmark the permalink.

2 Responses to Oracle 11g Password Cracker

  1. Marko says:
    September 30, 2007 at 1:19 pm

    I haven’t done with Oracle yet, but it sounds very interesting. I wonder, does 77 times less possibilities means enough improvement? Perhaps, the main problem lies in SHA1 algorithm?

  2. Pingback: windows vista password cracker

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>