Oracle 11g Password Cracker

Oracle 11g password algorithm is revealed. It’s based on SHA-1. The Hacker’s Choice (THC) says:

vonjeek/THC is proud to release the first full blown cracker for Oracle 11g. This tool can crack passwords which are encrypted using Oracle’s latest SHA1 based password protection algorithm.

You can download vonjeek/THC tool here. This page has an interesting title: “unbreakable” Oracle uncertified associate.

Also there is story on Pete Finnigan’s Oracle security weblog (here).

Share this... Tweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Email this to someone

2 Responses

  1. Marko

    I haven’t done with Oracle yet, but it sounds very interesting. I wonder, does 77 times less possibilities means enough improvement? Perhaps, the main problem lies in SHA1 algorithm?

Leave a Reply