Sunday, November 23, 2008

Oracle Pwnage Part 5 -- Password Cracking with JTR


Thanks to dentonj for pointing out to me their was an Oracle patch for John the Ripper.

I used the john from this site:
http://www.banquise.net/misc/patch-john.html
http://btb.banquise.net/bin/myjohn.tgz

cg@segfault:~/evil/john/run$ more oraclehashes
SCOTT:F894844C34402B67
SYS:E0F3062B9648608A
SYSTEM:7AD9669C7FE693C1
DBSNMP:E066D214D5421CCC
PROD:2E817F456CE5A4EC
TEST:7A0F2B316C212D67

cg@segfault:~/evil/john/run$ ./john oraclehashes --wordlist=password.lst
Loaded 6 password hashes with 6 different salts (Oracle [oracle])
TIGER (SCOTT)
DBSNMP (DBSNMP)
TEST (TEST)
guesses: 3 time: 0:00:00:00 100% c/s: 133842 trying: ZHONGGUO

cg@segfault:~/evil/john/run$ ./john --i oraclehashes
Loaded 3 password hashes with 3 different salts (Oracle [oracle])
Warning: mixed-case charset, but the current hash type is case-insensitive;
some candidate passwords may be unnecessarily tried more than once.
PROD (PROD)
...


CG

2 comments:

Anonymous said...

Is there any alternative program able to crack Oracle Apex hashes except checkpwd2 from Red Database Security?

CG said...

i have no idea, try emailing the red-database guys, please let me know what you find out though