Thu 27 Jan 2011
I was preparing a presentation for RMOUG and wanted to show how easy it is to crack Oracle passwords once you get the hashes.
There are a lot of Oracle password crackers out there but I find that using low level C code in a presentation makes the audience leave before you get to the half of the page. Using PL/SQL is a possibility but I wanted a very quick and concise way of showing the relevant code. So, Python to the rescue. But, I did not want to write code that requires installation of the Python Oracle drivers and would be tied to a specific compiled version so I used a simple class I wrote about here to do the DB connection.
The main piece of code is the password calculation which in Python looks like this:
s = hashlib.sha1() s.update(p) s.update(salt) return s.hexdigest().upper()
That’s about it. The rest of the code plays with various options, handles the select from the database, iteration on the dictionary file and splitting the hash from the spare4 field into the hash and salt. I find that using Python allows you to do quick hacks and add more checks to the cracker easily.
So, here is the code. Love to hear your thoughts. Also, if someone can test it on Windows I will be grateful.
PS – if I’ll get permission from Alex, I will post his password file and complete the download package.