Home page logo

pen-test logo Penetration Testing mailing list archives

[PEN-TEST] Oracle USER$ password hashes
From: Olle Segerdahl <olle () NXS SE>
Date: Thu, 9 Nov 2000 11:02:37 +0100

Does anyone have a clue as to what "encrytion" method Oracle (7.x, 8.x) uses
to store passwords in the SYS.USER$ table?

Since the hashes are always the same for the same password, it most
definately isn't salted....

An example (the default passwords of SYS and SYSTEM):

change_on_install       = D4C5016086B2DC6A
manager                 = D4DF7931AB130E37


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]