GSAuditor – Fastest Oracle 11g password cracker (AFAIK)

Danny boy from evilfingers.com informed me that his tool gsauditor now supports Oracle 11g passwords (+ many other variants of SHA-1). GSAuditor is really fast and with more than 6 million password hashes per second (Core2Quad Q6600 2.4 GHz, Vista 64) it’s currently the fastest Oracle 11g password cracker I know.  At the moment GSAuditor is not supporting multiple threads but Danny boy is working on it. The number will increase by 4 (=more than 20 mill hashes/second).

GSAuditor - unsuccessful crack GSAuditor - successful crack

To extract the password hashes from Oracle 11g you can use the following SQL query to retrieve the Oracle password hash + salt from the table sys.user$:

SQL> set linesize 120
SQL> select ‚gsauditor -binary -set:?d -append -salt:’||substr(u.spare4,43,20)||“||substr(u.spare4,3,40)||‘ ‚ from sys.user$ u where u.type#>0 and length(spare4) =62;

Leave a Reply

You must be logged in to post a comment.