Archive for the ‘Tools’ Category

Decrypt Oracle 11.2.0.3 and 12.1.0.1 database link passwords

Wednesday, October 2nd, 2013

At Derbycon 3.0, László Tóth and Ferenc Spala gave a new presentation „What’s common in Oracle and Samsung? They tried to think differently…“ (Video). The main focus of the presentation was the Samsung encryption and a new framework called sandy, but there was also a small Oracle part.

Laszlo and Ferenc showed how to decrypt Oracle database links in Oracle 11.2.0.3 and Oracle 12.1.0.1 using a small utility called „oradecrlink.py“. In previous versions, Oracle used DES to encrypt/decrypt database links. These database link passwords start with „05“ (Oracle’s indicator for DES).

 

Blackhat 2010 Presentation „Oracle, Interrupted: Stealing Sessions and Credentials“ online

Sunday, April 18th, 2010

The Blackhat Europe 2010 talk „Oracle, Interrupted: Stealing Sessions and Credentials“ (presentation, whitepaper) by Steve Ocepek and Wendel G. Henrique is online. An interview with Steve about the talk can be found here.

As mentioned in a previous blog post, this talk shows how to intercept unencrypted (=default) TNS connections and inject statements into a running session. Steve and Wendel will soon release two tools, Vamp and thicknet.

I will try to present these tools at the DOAG Expertenseminar in Berlin.

A good summary of the talk can be found at Peter Van Eeckhoutte’s blog.

New fast Oracle DES password cracker OPS_SSE2

Thursday, April 15th, 2010

Dennis Yurichev has released a new brute-force password cracker called ops_sse2 for Oracle DES passwords. This password cracker is the fastest brute-force cracker for Oracle DES passwords and approx. 3 times faster than woraauthbf from Laszlo Toth.

Here is a quick comparison on my Quad2Core (2.4 GHz):

OPS_SSE2

An 8-character password (alphabetic characters only) can be cracked in approx. 3 hours. For numbers and characters, it takes approx. 2.5 days for a single password.

Impressive work…

Python Source for PLSQL Unwrapper posted

Tuesday, April 13th, 2010

Niels Teusink has posted a Python script to unwrap PL/SQL code (10g+ only). This Python script can unwrap code on the command line.

More details are available in the blog entry of Niels.

This is a better solution than the online unwrapper.

Man-in-the-Middle attacks at upcoming Black Hat Europe

Monday, April 12th, 2010

Wendel Guglielmetti Henrique and Steve Ocepek will demonstrate at the upcoming Black Hat Europe 2010 in Barcelona (14-15 April) how to steal credentials by downgrading authentication mechanisms as well as taking over existing user sessions. They will also show their thicknet tool, which will be available after the conference.

This sounds similar to Laszlo's work on downgrading JDBC. But I already had a chance to review their presentation, so I know it is different.

More information after their presentation.