Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

pen-test logo Penetration Testing mailing list archives

Re: Oracle hash rainbowtables
From: "Carl-Johan Bostorp" <carl-johan.bostorp () hps se>
Date: Fri, 3 Feb 2006 13:23:04 +0100
Hi,

Yes, I realize it depends on the login name, which is why I asked for SYS/SYSTEM :)

Even though your patch may be slow, it's of interest to me. Do you mind posting it? (either directly to me or publicly)

/C-J

P.s. I'm still interested in breaking a couple of hashes right away so if anybody already has the tables setup...?

-----Ursprungligt meddelande-----
Från: Fabien Kraemer [mailto:kraemer () darwin2 dyndns org] 
Skickat: den 3 februari 2006 11:16
Till: Carl-Johan Bostorp
Kopia: pen-test () securityfocus com
Ämne: Re: Oracle hash rainbowtables

Hello,

The problem is that Oracle hash depend on the login name. So you have to
  generate rainbow table for each login. A good idea is to create rainbow table for the defaults system account like : 
sys, system etc...

I made a patch for rainbowcrack but i did not have time to optimize it so it s pretty slow: 300 000 C/s on a pentium M 
1.6 ghz compared to more than 600 000 c/s for orabf.

Good luck ;)


Carl-Johan Bostorp wrote:

Hello peeps,

Does anybody have the patch to rainbowcrack to build Oracle 
rainbowtables? Or does anybody know of any service that does what 
rainbowcrack-online does but with a SYS/SYSTEM Oracle-hash?

/C-J

----------------------------------------------------------------------
-------- Audit your website security with Acunetix Web Vulnerability 
Scanner:

Hackers are concentrating their efforts on attacking applications on 
your website. Up to 75% of cyber attacks are launched on shopping 
carts, forms, login pages, dynamic content etc. Firewalls, SSL and 
locked-down servers are futile against web application hacking. Check 
your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------
---------



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]