Auditing an Oracle database for security issues is very important. PeteFinnigan.com provides all of the information and tools that you will need Click here for details of PeteFinnigan.com Limited's detailed Oracle database security audit service Click here for details of PeteFinnigan.com Limited's Oracle Security Training Courses
Cookie Policy:We only use essential cookies on small sections of this website. For details see here.

Welcome, Guest. Please Login.
Nov 17th, 2017, 9:20pm
News: If you would like to register contact the forum admin
Home | Help | Search | Members | Login
   Pete Finnigan's Oracle Security Forum
   Oracle Security
   Oracle Security
(Moderator: Pete Finnigan)
   Key and algo for encrypting the listener password.
« Previous topic | Next topic »
Pages: 1  Reply | Notify of replies | Send Topic | Print
   Author  Topic: Key and algo for encrypting the listener password.  (Read 9794 times)
riz
PeteFinnigan.com Newbie
*



I love YaBB 1G - SP1!

   
View Profile |

Posts: 4
Key and algo for encrypting the listener password.
« on: Jul 28th, 2007, 2:14am »
Quote | Modify

Hi,
 
I would like to know the key and algorithm used for encrypting the listener password. I see that if I set the password on the server using change_password, and use the same password (in clear text) on the lsnrctl prompt (run on remote machine) using set password, the password is encrypted/hashed while being sent to server (seen using tcpdump).
 
I want to use it in my C code (from remote machine)to communicate with the listener (on the server), hence I am interested in knowing the key/algo for the same.
 
The listener.ora, sqlnet.ora and tnsnames.ora file does not contain any key/algo specifications, hence the values must be default.
 
Kindly excuse if I am not clear as I am new to this domain.
 
Any help is highly appreciated.
 
Regards,
Riz.
IP Logged
kornbrust
PeteFinnigan.com Newbie
*





   
View Profile |

Gender: male
Posts: 27
Re: Key and algo for encrypting the listener passw
« Reply #1 on: Jul 28th, 2007, 8:08am »
Quote | Modify

Riz,
 
The Oracle TNS Listener is using the Oracle password algorithm (from the database) to hash the listener password using the change_password command.
 
People often misunderstand this concept.
 
There are 2 ways to set the listener password with the set password command:
1. set password tiger
2. set password <CR>
  password: tiger
 
In the first case the string "tiger" is sent in cleartext, in the second case the string "tiger" is hashed with the Oracle password algorithm and the result (=hash value) is sent in cleartext.
 
For an attacker there is no difference if he intercepts the string because this string is used for the listeneer authentication. The attacker just uses the
 
 set password E7C4...
 
to send the hash value.
The hashing algorithm is only used to generate a (random) string. The hashing algorithm is only useful for dictionary attacks against the TNS listener (e.g. for hashing a dictionary file).
 
Hope this helps.
 
 Alexander
 
--
Alexander Kornbrust
« Last Edit: Sep 17th, 2009, 3:54pm by Pete Finnigan » IP Logged
riz
PeteFinnigan.com Newbie
*



I love YaBB 1G - SP1!

   
View Profile |

Posts: 4
Re: Key and algo for encrypting the listener passw
« Reply #2 on: Aug 2nd, 2007, 12:45am »
Quote | Modify

Hi Alexander,
 
Thanks for taking time out but as observed the password sent over the network is always the encrypted as shown below
 
"DESCRIPTION=(CONNECT_DATA=(CID=(PROGRAM=)(HOST=)(USER=oracle))(COMMAND= status)(ARGUMENTS=64)(PASSWORD=125916DFCEFE8F08)(SERVICE=)(VERSION=)))"
 
irrespective of the way the password was entered  
 
1) set password <passwd> or  
2) set paswprd <CR>  
  password: <passwd>.
 
Also, the Oracle password algorithm as mentions on red-database-security that the username is concatenated to the user's password, and "all characters will be converted to uppercase before the hashing starts 8-byte hash, encrypted with a DES encryption algorithm without real salt (just the username)".
 
but as I have observed, irrespective of the username used, the encrypted password is always same for a password "welcome" (125916DFCEFE8F08), which indicates that username is not used in calculating the password for listener authentication.
 
Hence, my original query still stands about the algo used for encrypting the listner password.
 
Thanks in advance,
Riz
« Last Edit: Sep 17th, 2009, 5:25pm by Pete Finnigan » IP Logged
kornbrust
PeteFinnigan.com Newbie
*





   
View Profile |

Gender: male
Posts: 27
Re: Key and algo for encrypting the listener passw
« Reply #3 on: Aug 2nd, 2007, 10:25pm »
Quote | Modify

Riz,
 
what version of Oracle do you use? That's important. Oracle changed the behaviour of the set password command in some newer versions (AFAIK with 9206/9207).
 
The listener does not have an username that's why Oracle is using the artificial username "arbitrary" instead, e.g.
hash(ARBITRARYWELCOME).
 
---
#----ADDED BY TNSLSNR 22-MAR-2006 01:21:55---
PASSWORDS_LISTENER = C75FBC1C9FA2F2D3
#--------------------------------------------
 
D:\orabf>oraclehash arbitrary v1enna
c75fbc1c9fa2f2d3:arbitrary
--
 
In some versions of 64 bit operating systems there was a problem in the implementation of this algorithm. But in most OS the Oracle password algorithm should work.  
 
I hope this solves the problem.
 
Regards
 
 Alexander
--
« Last Edit: Sep 17th, 2009, 3:54pm by Pete Finnigan » IP Logged
marcellmajor
PeteFinnigan.com Newbie
*



I love YaBB 1G - SP1!

   
View Profile |

Posts: 1
Re: Key and algo for encrypting the listener passw
« Reply #4 on: Jan 22nd, 2010, 11:30pm »
Quote | Modify

There is a detailed description for this algo:
http://marcellmajor.com/frame_listenerhash.html
IP Logged
Pages: 1  Reply | Notify of replies | Send Topic | Print

« Previous topic | Next topic »

Powered by YaBB 1 Gold - SP 1.4!
Forum software copyright 2000-2004 Yet another Bulletin Board