Call: +44 (0)1904 557620 Call
Blog

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "New Online MD5 Hash Database"] [Next entry: "undocumented Oracle?"]

Red Database Security has released a standalone Oracle password cracker



Red Database Security has just let me know that they have released a stand alone Oracle password cracker using Eric Youngs DES Encryption library. There are two downloads available. The first is oracle_checkpwd.zip (704KB) which includes the libraries and also a default password list. The second is checkpwd_big.zip (4.7MB) which again includes the libraries and binary and a 1.5 million word dictionary. The tool can be used as follows:


C:\petefinnigan.com\alex\password cracker>checkpwd
Checkpwd 1.00 - (c) 2005 by Red Database-Security GmbH

usage: checkpwd <-quiet>
for example: checkpwd -quiet system/manager@mydbserver default_passwords.txt
or: checkpwd SCOTT:F894844C34402B67 default_passwords.txt


you can connect to the database and get the password hash from there or supply it on the command line. Here is a sample run:


SQL> alter user scott identified by zztop;

User altered.

SQL> select username,password from dba_users
2 where username='SCOTT';

USERNAME PASSWORD
------------------------------ ------------------------
SCOTT C602545F6676B420

SQL>


The password hash can be then be used as input to the tool:


C:\petefinnigan.com\alex\big_password_check>checkpwd SCOTT:C602545F6676B420 pass
word_list.txt
Checkpwd 1.00 - (c) 2005 by Red Database-Security GmbH

opening weak password list file
reading weak passwords list
checking passwords
SCOTT has weak password zztop

Done. Summary:
Passwords checked : 1543885
Weak passwords found : 1
Elapsed time (min:sec) : 0:11
Passwords / second : 140353



It is quite fast at 140,000 passwords per second but not as fast as those crackers in commercially tools available but is leagues better than using PL/SQL based tools to audit passwords with. I will add links to these tools on my Oracle Security Tools page.