[Previous entry: "Writing a password cracker in Perl"] [Next entry: "IOUG Critical Patch Update Survey Results Are Out"]
A new version of woraauthbf is available (The Oracle password cracker)
February 11th, 2009 by Pete
Post to del.icio.us
Post to Furl
I have been in discussions and helping with some testing for the latest version of Laszlo Toth's excellent Oracle password cracker woraauthbf. The main page for the cracker describes the various releases and also describes how the cracker works and can be used.
This bugfix release (0.22R2) is to fix a bug in the 11g password hash checking where the brute force mode for 11g stopped working when the pre-loading was added to the cracker.
A pre-compiled version of worauthbf for Windows is available. The C source code for the latest version is also available.
If you are serious about Oracle security you should run my simple sqlplus script that implements an Oracle password cracker in PL/SQL first and then when you are comfortable with the process move to a binary cracker such as woraauthbf to test passwords to a stronger level.
Thanks Laszlo for your great work on this free program.
