Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: orass.com: brick the unbreakable?!

Re: orass.com: brick the unbreakable?!

From: <teraknowledgesystems_at_hotmail.com>
Date: 28 Dec 2005 00:38:20 -0800
Message-ID: <1135759100.890811.259330@g43g2000cwa.googlegroups.com> 





http://www.red-database-security.com/whitepaper/oracle_passwords.html



check the refs! Oracle encryption and decryption routines never seen
before!






teraknowledgesystems_at_hotmail.com wrote:


> Download "Bush the war criminal" module and crack Oracle passwords for

>  fixed accounts like sys and system in mere seconds; visit the web site

>

>  for

>  detailed info on how to turn off auditing on cracked accounts; and for

>

>  backdoors to grant "select any table" priv's

>

>

>

>  Now, follow the code for the example scot/tiger and happy crackin'

>

>

>

>  static CONST_DATA ub4 knownk[2] = {

>   0x08192a3b,0x4c5d6e7f

>   };

>

>

>

>  static CONST_DATA ub4 testk[2] = {

>   0x25ddac3e, 0x96176467

>   };

>

>

>

>  static CONST_DATA ub4 encry[2] = {

>   0xfbf7f085, 0x9b6a3a7e

>   };

>

>

>

>  static CONST_DATA ub1 encrt[16] = {

>   0x1a, 0xc2, 0xc6, 0xba, 0xa4, 0x35, 0x30, 0xd7,

>   0x1f, 0x7e, 0x39, 0xe1, 0x82, 0xa9, 0x3f, 0x42

>   };

>

>

>

>  /*--------------------------------

>  MAIN--------------------------------*/


>   main()

>   {

>   char result[100];

>   char unresult[100];

>   int len;

>   ub4 in[2]; // unsigned byte; 4 bits

>   ub4 out[2];

>   ub4 key[2];

>   int j;

>

>

>

>  /* password tigertiger (in Ascii) defined as hex,

>   this is to allow testing on ebcidic machines

>   although string will not print on these machines */

>   static CONST ub1 passwd[] = {

>   0x74, 0x69, 0x67, 0x65, 0x72, 0x74, 0x69, 0x67,

>   0x65, 0x72, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20

>   };

>   static CONST size_t passwdlen = 16;

>

>

>

> //  printf("=== Password Encryption Test\n\n");

>  // printf("start string (in Ascii): %s\n\n", (char *)passwd);

>

>

>

>  /* what is the result for password? */

>   len = kzsrenp(result, passwd, passwdlen, knownk);

>

>

>

>   printf("Expected cipher for pasword tiger: 1A C2 C6 BA A4 35 30 D7 1F

>

>  7E 39 E1 82 A9 3F 42\n");

>   printf("Actual cipher for pasword tiger: ");

>   for (j = 0; j<len; j++) {

>     printf("%02X ",(unsigned)result[j] & 0xff); printf("\n\n");

>

>

>

> }

>

>  if (memcmp(result, encrt, passwdlen) == 0)

>    printf("Password cipher text CORRECT\n\n");

>   else

>    printf("*** Password cipher text FAILED ***\n\n");

>

>

>  len = kzsrdep(unresult, result, len, knownk);

>

>

>

>  printf("result for decryption: %.*s\n\n", (int)len, (char *)unresult);

>

>

>

>

>  if (memcmp(unresult, passwd, passwdlen) == 0)

>     printf("Password encryption Test PASSED\n\n");

>   else

>    printf("*** Password encryption Test FAILED ***\n\n");

>

>

>

>  /* test encryption of 64 bit keys and back */

>   in[0] = testk[0];

>   in[1] = testk[1];

>   printf("=== Key Encryption Test\n\n");

>   printf("Initial Key: %02X %02X\n\n", in[0], in[1]);

>

>

>

>  /* encrypt */

>   kzsrenc(in, out, knownk);

>

>

>

>  printf("Expected cipher for pasword tiger: FBF7F0859B6A3A7E\n");

>   printf("Actual Cipher for Key: %02X %02X\n\n", out[0], out[1]);

>   if (encry[0] == out[0] && encry[1] == out[1])

>    printf("Encrypted cipher text CORRECT\n\n");

>   else

>    printf("*** Encrypted cipher text FAILED ***\n\n");

>

>

>

>  /* null out in paramter */

>   in[0] = 0;

>   in[1] = 0;

>   kzsrdec(out, in, knownk);

>

>

>

>  printf("Decrypted Key: %02X %02X\n\n", in[0], in[1]);

>

>

>

>  /* test to see if initial is same as out of decryption */

>   if (testk[0] == in[0] && testk[1] == in[1])

>    printf("Key encryption Test PASSED\n\n");

>   else

>    printf("*** Key encryption Test FAILED ***\n");

>

>

>

>  return(EX_SUCC);

>   }

>

>

>

>  DonBurlesonIsASackOfManur wrote:

>

>  > Oracle's Password Transform

>   >

>   >

>   > Goals:

>   > - Authentication information ("encrypted password") shall be

>  portable

>   > between machines with different character sets (ebcdic and ascii).

>   > - It should handle non-enlish languages including those that

> require

>   > 16 bits per character.

>   > - If a user has the same password on two databases, the

>  authentication

>   >

>   > information will be the same on both machines.

>   > - It should be hard to tell if two users have the same password.

>   > - The password transform should be as hard to break as DES.

>   >

>   >

>   > The Algorithm:

>   >

>   >

>   > Convert user name and password to uppercase 'normal' form. Normal

>  form

>   >

>   > uses 16 bits to represent each character, and it is independant of

>   > language

>   > and the computer's character set (acsii or ebcdic).

>   >

>   >

>   > Concatenate normalized user name and password. Pad result to

>  multiple

>   > of

>   > 64 bits. Zero padding is better than some rolling xor algorithm,

>  since

>   >

>   > the

>   > later produces redundant information that an attacker can use to

>   > check for the correctness of a guess. The result is called UPLONG.

>   >

>   >

>   > Compute cryptographic checksum of UPLONG using a known key and the

>   > cipher

>   > block chaining mode of DES. The known key is hex 0123456789ABCDEF.

>   > The

>   > idea is to extract 56 suitable bits from the password. The CBC64

>   > (cipher

>   > block chain with 64 bit feedback path) checksum makes good use of

>  the

>   > bits

>   > in a long password, and it speads out the redundant information

> that

>  is

>   >

>   > present due to the fact that the 'normal' form uses 16 bits per

>   > character.

>   > The feedback path is 64 bits, not the standard 8 bits because it

>   > generates

>   > a more uniform distribution. See Alan T. Sherman's PhD thesis (MIT

>   > 1987)

>   > for justification.

>   >

>   >

>   > It isn't hard to invert the checksum we just found (the key is

>  known),

>   > so

>   > now we hide this result by using it as the key to compute another

>   > checksum

>   > on the uplong array. That checksum will be used as the

>  authentication

>   > parameter for the user. Note that DES has the property that given a

>

>   > matching block of plaintext and ciphertext is is still quite hard

> to

>   > find

>   > the key that mapped the plaintext into the ciphertext.

>   >

>   >

>   > We could use the first checksum as a key to encrypt a constant, but

>

>  it

>   > seems safer to use non-constant data like the information in the

>  UPLONG


>   >

>   > array. If nothing else this makes a dictionary attack harder.

>   >

>   >

>   > Note that an attacker must now solve two simultaneous equations for

>

>  P:

>   >

>   >

>   > k1 = checksum( k0, U || P )

>   > k2 = checksum( k1, U || P )

>   >

>   >

>   > Where 'U || P' is the username concatenated with the password (U is

>

>   > known,

>   > P is not), k0 is the known key, k1 is the first checksum, and k2 is

>

>  the

>   >

>   > value placed in the authentication table.

>   >

>   >

>   > Convert the second checksum value into a machine independent form.

>   > Since we are not short on characters, express it as a hex string.

Received on Wed Dec 28 2005 - 02:38:20 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US