Alexander Kornbrust Oracle Security Blog » Print » Dennis Yurichev wrote an article about his FPGA Oracle password cracker

Dennis Yurichev wrote an article about his FPGA Oracle password cracker

Dieser Eintrag stammt von Alexander Kornbrust Am 6 Dez 2009 @ 11:06 In Tools, passwords, Oracle Security | Kommentarfunktion deaktiviert

Dennis Yurichev wrote an interesting [1] background article about his FPGA password cracker for Oracle, currently the fastest (known) way to brute force Oracle DES passwords.

Dennis mentioned in the article that “By Oracle’s password standard, first password symbol is always Latin character (one of 26)”. This is not exactely correct if you enclose the password in double quotes. In this case all characters are allowed. I tested the FPGA cracker with the following test case and it seems not to crack the hash (currently still running).

SQL> grant dba to x identified by “1″;

Grant succeeded.

SQL> select username,password from dba_users where username=’X';

USERNAME PASSWORD
—————————— ——————————
X 4D91C057D0C4D801

If you want to try his FPGA cracker here is the [2] link.
Well done and very interesting article Dennis. The only thing I would be interestedis the price of the FPGA hardware.

Dieser Artikel wurde ausgedruckt ab Alexander Kornbrust Oracle Security Blog: http://blog.red-database-security.com

URL zum Artikel: http://blog.red-database-security.com/2009/12/06/dennis-yurichev-wrote-an-article-about-his-fpga-oracle-password-cracker/

URLs in this post:
[1] background article: http://conus.info/ops/ops.html#cite_note-5
[2] link: http://ops.conus.info/

Klicken hier zum Drucken.