mailing list archives
Re: [PEN-TEST] Oracle USER$ password hashes
From: Stefan Aeschbacher <stefan () AESCHBACHER COM>
Date: Fri, 10 Nov 2000 11:12:20 +0100
"Edwards, Steve" wrote:
If anyone wants to "reverse-engineer" the Oracle password encryption
method, this may help.
Due to lack of an Oracle it won't be me, but I can try to make some
on the algorithm used (which may or may not help to find the algorithm).
4) The encrypted password is always 16 characters.
5) The encrypted password is only composed from the set "0123456789ABCDEF"
This seems to point to a hex representation of the data.
Therefore we have a string of 64bit length as an output.
As at least one byte is lost to the salt, this function generates
far to short ciphertexts (<=56bit). Once the algorithm is known,
this gives a good basis for a birthday attack.
6) The encrypted password is derived from both the name and the cleartext
password. Changing any character in the name or cleartext password changes
the encrypted password.
As we seem to have a salt, (did somone verify which bytes?) could this
the reason for the changes and not the change in the name?
If the salt is really the first byte, then your table "Changing the last
would prove the assumption that the name is involved (there are two
C6 as the first byte).
The function most certainely is a one way function. So either its a hash
which works on the password, the salt and maybe the name. Or its
a MAC-function which additionnaly adds some kind of key (not very
as there is no gain in security unless every copy of ORACLE has another
A symmetric cipher does not make any sense as there had to be a PW
somwhere which could be used to decrypt the encrypted PW.
Here are some example pairs. Only the name is changed, the password is
the same -- "ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ" (30 Z's.)
Re: [PEN-TEST] Oracle USER$ password hashes Pawel Krawczyk (Nov 11)
[PEN-TEST] Oracle USER$ password hashes (Summary) Olle Segerdahl (Nov 14)