| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.misc -> Re: converting oracle passwords - Correction
Correction ... I put in the wrong encrypted item. The password to crack is:
A1804438615A7ADD Sorry for any confusion and the offer still stands.
Daniel Morgan
damorgan wrote:
> Please be so kind as to demonstrate this method to the group.
>
> Here's a password to unencrypt. FF1E47B18F4721AB
>
> I'll send you a nice crisp US $20 bill for the correct answer.
>
> I suspect what the instructor taught you was something entirely different that involved changing the
> password and then replacing the password with its original. A far cry from breaking the encryption
> algorithm and rendering Oracle security worthless.
>
> Daniel Morgan
>
> John wrote:
>
> > First of all it is not impossible. During my Oracle backup and
> > recovery class, the instructor, from Oracle, showed us how to convert
> > the encrypted values to actual values. And your assumptions that I
> > would either be inexperienced or do not understand the Oracle security
> > model are profoundly wrong. I just no longer want to use Oracle for
> > my security model. If you read my message, you would have seen that
> > the commercial application that I am using now uses Oracle users for
> > logins. The new system does not, and rather then asking 5000 people
> > to re-enter their information on a new system, it was my hope that we
> > would migrate it into the table and format that the application
> > requires. Our group is the one who assigned these passwords to the
> > users in the first place, however they were not tracked till recently.
> >
> > JR
> >
> > damorgan <damorgan_at_exesolutions.com> wrote in message news:<3CAB26BA.B7C90CD2_at_exesolutions.com>...
> > > It is impossible.
> > >
> > > Were it possible there would be no security in an Oracle database.
> > >
> > > And, quite frankly, there are only two reasons I can conceive of for
> > > wanting unencrypted passwords belonging to other users. One is a lack of
> > > experience so profound that you don't understand the Oracle security
> > > model. The other that you are trying to hack the system.
> > >
> > > Daniel Morgan
> > >
> > >
> > >
> > > John wrote:
> > >
> > > > I have a system that used oracle users for logins. The passwords are
> > > > of course encrypted. Our new system uses it's own table for
> > > > validation of logins. I need to copy over the usernames and passwords
> > > > from the dba_users table, into a seperate table, and have the
> > > > passwords be unencrypted so it can read them. Is there an easy way to
> > > > do this? Thanks.
> > > >
> > > > JR
Received on Fri Apr 05 2002 - 18:26:55 CST
 |
 |