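Oracle database password cracking tools
If you forget an Oracle password, you can use orapwd to re-initialize the sys password and then change the passwords of the other accounts; the alternative is to crack the password.
Tool downloads and a comparison of cracking speeds are at the link below. Most of the tools are dictionary-based, so more complex passwords are still hard to crack. Two recommended tools are checkpwd.exe and orabf.exe.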
http://www.red-database-security.com/whitepaper/oracle_password_cracker.html
1. checkpwd.exe
D:\oracle_checkpwd>checkpwd.exe sysman/oracle default_passwords.txt
Checkpwd 1.23 [Win] - (c) 2005-2007 by Red-Database-Security GmbH
Oracle Security Consulting, Security Audits & Security Trainings
http://www.red-database-security.com
initializing Oracle client library
connecting to the database
retrieving users and password hash values
disconnecting from the database
opening weak password list file
reading weak passwords list
checking passwords
Starting 4 threads
TEST2 has weak password ORACLE [OPEN]
ORACLEDBA has weak password ORACLE [OPEN]
SCOTT has weak password ORACLE [OPEN]
ORACLE has weak password ORACLE [OPEN]
TSMSYS has weak password TSMSYS [EXPIRED & LOCKED]
PM has weak password CHANGE_ON_INSTALL [EXPIRED & LOCKED]
MDDATA has weak password MDDATA [EXPIRED & LOCKED]
BI has weak password CHANGE_ON_INSTALL [EXPIRED & LOCKED]
IX has weak password CHANGE_ON_INSTALL [EXPIRED & LOCKED]
DIP has weak password DIP [EXPIRED & LOCKED]
OE has weak password CHANGE_ON_INSTALL [EXPIRED & LOCKED]
SH has weak password CHANGE_ON_INSTALL [EXPIRED & LOCKED]
HR has weak password CHANGE_ON_INSTALL [EXPIRED & LOCKED]
SYSMAN has weak password ORACLE [OPEN]
MDSYS has weak password MDSYS [EXPIRED & LOCKED]
DBSNMP has weak password ORACLE [OPEN]
ORDSYS has weak password ORDSYS [EXPIRED & LOCKED]
DMSYS has weak password DMSYS [EXPIRED & LOCKED]
WMSYS has weak password WMSYS [EXPIRED & LOCKED]
EXFSYS has weak password EXFSYS [EXPIRED & LOCKED]
CTXSYS has weak password CHANGE_ON_INSTALL [EXPIRED & LOCKED]
XDB has weak password CHANGE_ON_INSTALL [EXPIRED & LOCKED]
ORDPLUGINS has weak password ORDPLUGINS [EXPIRED & LOCKED]
ANONYMOUS OK [EXPIRED & LOCKED]
SI_INFORMTN_SCHEMA OK [EXPIRED & LOCKED]
SYS has weak password ORACLE [OPEN]
OLAPSYS has weak password MANAGER [EXPIRED & LOCKED]
MGMT_VIEW OK [OPEN]
SYSTEM has weak password ORACLE [OPEN]
OUTLN has weak password OUTLN [EXPIRED & LOCKED]
Done. Summary:
Passwords checked : 3574
Weak passwords found : 27
Elapsed time (min:sec) : 0:02
Passwords / second : 1787
D:\oracle_checkpwd>
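An added example (not from the original post and not Red-Database-Security code): a small Python parser for a checkpwd report in the format shown above. It separates weak accounts that are OPEN from those that are EXPIRED & LOCKED and checks the parsed count against the summary line. The sample report is constructed, and the function names are assumptions.

```python
import re
from collections import namedtuple

# Constructed sample in the checkpwd 1.23 report format shown above (not a real scan).
SAMPLE = """\
Starting 4 threads
SCOTT has weak password ORACLE [OPEN]
TSMSYS has weak password TSMSYS [EXPIRED & LOCKED]
HR has weak password CHANGE_ON_INSTALL [EXPIRED & LOCKED]
MGMT_VIEW OK [OPEN]
SYS has weak password ORACLE [OPEN]
Done. Summary:
Passwords checked : 3574
Weak passwords found : 4
"""

Finding = namedtuple("Finding", "user weak status reason")
LINE = re.compile(r"^(\S+) (?:has weak password (.+)|OK) \[([^\]]+)\]$")
SUMMARY = re.compile(r"^Weak passwords found\s*:\s*(\d+)$")

def parse_report(text):
    """Return (findings, reported_weak_count) parsed from checkpwd output."""
    findings, reported = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = LINE.match(line)
        if m:
            user, pwd, status = m.groups()
            # Record why it is weak, not the password, so the result is safe to share.
            reason = None if pwd is None else (
                "same as username" if pwd == user else "in weak-password list")
            findings.append(Finding(user, pwd is not None, status, reason))
        elif (s := SUMMARY.match(line)):
            reported = int(s.group(1))
    return findings, reported

def triage(findings):
    """Weak + OPEN accounts can log in now: fix first. Locked ones come second."""
    weak = [f for f in findings if f.weak]
    urgent = sorted(f.user for f in weak if f.status == "OPEN")
    later = sorted(f.user for f in weak if f.status != "OPEN")
    return urgent, later

if __name__ == "__main__":
    found, reported = parse_report(SAMPLE)
    urgent, later = triage(found)
    assert reported == sum(f.weak for f in found), "report looks truncated"
    print("change password now:", urgent)
    print("keep locked, reset before unlocking:", later)
```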
2. orabf.exe
First, find the password hash of the user oracle, 38E38619A12E0257, in dba_users:
SQL> alter user oracle identified by oracle;
用户已更改。
SQL> select password from dba_users where username='ORACLE';
PASSWORD
------------------------------
38E38619A12E0257
SQL>
D:\orabf-v0.7.6>orabf.exe
orabf v0.7.6, (C)2005 orm@toolcrypt.org
---------------------------------------
usage: orabf [hash]:[username] [options]
options:
-c [num] complexity: a number in [1..6] or a filename
- read words from stdin
[file] read words from file
1 numbers
2 alpha
3 alphanum
4 standard oracle (alpha)(alpha,num,_,#,$)... (default)
5 entire keyspace (' '..'~')
6 custom (charset read from first line of file: charset.orabf)
-m [num] max pwd len: must be in the interval [1..14] (default: 14)
-n [num] min pwd len: must be in the interval [1..14] (default: 1)
-r resume: tries to resume a previous session
D:\orabf-v0.7.6>orabf.exe 38E38619A12E0257:oracle -c 6
orabf v0.7.6, (C)2005 orm@toolcrypt.org
---------------------------------------
Trying default passwords...
password found: ORACLE:ORACLE
D:\orabf-v0.7.6>
Change the password and test again:
SQL> alter user oracle identified by oracle123;
用户已更改。
SQL>
SQL> select password from dba_users where username='ORACLE';
PASSWORD
------------------------------
B1BA9ED1B2B824CC
SQL>
D:\orabf-v0.7.6>orabf.exe B1BA9ED1B2B824CC:oracle -c 6
orabf v0.7.6, (C)2005 orm@toolcrypt.org
---------------------------------------
Trying default passwords...
password found: ORACLE:ORACLE123
D:\orabf-v0.7.6>orabf.exe B1BA9ED1B2B824CC:oracle -c 3
orabf v0.7.6, (C)2005 orm@toolcrypt.org
---------------------------------------
Trying default passwords...
password found: ORACLE:ORACLE123
D:\orabf-v0.7.6>