[Previous entry: "Belated Christmas wishes and a happy new year to all readers"] [Next entry: "Training in York, England and Washington DC and adverts"]
Hiding password hashes and a new sha1 Oracle password cracker
January 4th, 2010 by Pete
Post to del.icio.us
Post to Furl
There was a good blog post titled "The need to ensure that hashed password values are safe" picked up via my Oracle blogs aggregator that discusses Dennis's FPGA cracker and also the importance of not letting the password hashes out of your site.
Laszlo also emailed me today to let me know about Marcell Major's new brute force password cracker for databases that uses the CUDA framework for NVIDIA GPU's to implement the SHA1 algorithm for Oracle 11g database passwords and also SQL Server passwords. The cracker allows a password file to be used and also implements session handling so it can be easily used on security audits of databases. The cudadbcracker page is here and the cudadbcracker binary is here and the cudadbcracker course code released under GPLv3 is here.
