Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Crack Oracle passwords like a peanut!
static CONST_DATA ub4 knownk[2] = {
0x08192a3b,0x4c5d6e7f
};
static CONST_DATA ub4 testk[2] = {
0x25ddac3e, 0x96176467
};
static CONST_DATA ub4 encry[2] = {
0xfbf7f085, 0x9b6a3a7e
};
static CONST_DATA ub1 encrt[16] = {
0x1a, 0xc2, 0xc6, 0xba, 0xa4, 0x35, 0x30, 0xd7,
0x1f, 0x7e, 0x39, 0xe1, 0x82, 0xa9, 0x3f, 0x42
};
/*-------------------------------- MAIN--------------------------------*/main()
/* password tigertiger (in Ascii) defined as hex,
this is to allow testing on ebcidic machines
although string will not print on these machines */
static CONST ub1 passwd[] = {
0x74, 0x69, 0x67, 0x65, 0x72, 0x74, 0x69, 0x67,
0x65, 0x72, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20
};
static CONST size_t passwdlen = 16;
// printf("=== Password Encryption Test\n\n"); // printf("start string (in Ascii): %s\n\n", (char *)passwd);
/* what is the result for password? */
len = kzsrenp(result, passwd, passwdlen, knownk);
printf("Expected cipher for pasword tiger: 1A C2 C6 BA A4 35 30 D7 1F
7E 39 E1 82 A9 3F 42\n");
printf("Actual cipher for pasword tiger: ");
for (j = 0; j<len; j++) {
printf("%02X ",(unsigned)result[j] & 0xff); printf("\n\n");
}
if (memcmp(result, encrt, passwdlen) == 0)
printf("Password cipher text CORRECT\n\n");
else
printf("*** Password cipher text FAILED ***\n\n");
len = kzsrdep(unresult, result, len, knownk);
printf("result for decryption: %.*s\n\n", (int)len, (char *)unresult);
if (memcmp(unresult, passwd, passwdlen) == 0)
printf("Password encryption Test PASSED\n\n");
else
printf("*** Password encryption Test FAILED ***\n\n");
/* test encryption of 64 bit keys and back */
in[0] = testk[0];
in[1] = testk[1];
printf("=== Key Encryption Test\n\n");
printf("Initial Key: %02X %02X\n\n", in[0], in[1]);
/* encrypt */
kzsrenc(in, out, knownk);
printf("Expected cipher for pasword tiger: FBF7F0859B6A3A7E\n");
printf("Actual Cipher for Key: %02X %02X\n\n", out[0], out[1]);
if (encry[0] == out[0] && encry[1] == out[1])
printf("Encrypted cipher text CORRECT\n\n");
else
printf("*** Encrypted cipher text FAILED ***\n\n");
/* null out in paramter */
in[0] = 0;
in[1] = 0;
kzsrdec(out, in, knownk);
printf("Decrypted Key: %02X %02X\n\n", in[0], in[1]);
/* test to see if initial is same as out of decryption */
if (testk[0] == in[0] && testk[1] == in[1])
printf("Key encryption Test PASSED\n\n");
else
printf("*** Key encryption Test FAILED ***\n");
return(EX_SUCC);
}
http://groups.google.com/group/comp.databases.oracle.server/browse_fr...
wrote:
> Oracle's Password Transform
> > > Goals: > - Authentication information ("encrypted password") shall beportable
> - It should handle non-enlish languages including those that
require
> 16 bits per character.
> - If a user has the same password on two databases, the
authentication
> > information will be the same on both machines. > - It should be hard to tell if two users have the same password. > - The password transform should be as hard to break as DES. > > > The Algorithm: > > > Convert user name and password to uppercase 'normal' form. Normalform
> language > and the computer's character set (acsii or ebcdic). > > > Concatenate normalized user name and password. Pad result tomultiple
> > the > later produces redundant information that an attacker can use to > check for the correctness of a guess. The result is called UPLONG. >
> cipher
> block chaining mode of DES. The known key is hex 0123456789ABCDEF.
> The > idea is to extract 56 suitable bits from the password. The CBC64 > (cipher > block chain with 64 bit feedback path) checksum makes good use ofthe
> > present due to the fact that the 'normal' form uses 16 bits per > character. > The feedback path is 64 bits, not the standard 8 bits because it > generates > a more uniform distribution. See Alan T. Sherman's PhD thesis (MIT > 1987) > for justification. >
> so > now we hide this result by using it as the key to compute another > checksum > on the uplong array. That checksum will be used as theauthentication
> matching block of plaintext and ciphertext is is still quite hard to
> find > the key that mapped the plaintext into the ciphertext. > > > We could use the first checksum as a key to encrypt a constant,but
it
> seems safer to use non-constant data like the information in the
UPLONG
> > array. If nothing else this makes a dictionary attack harder. > > > Note that an attacker must now solve two simultaneous equationsfor
P:
> > > k1 = checksum( k0, U || P ) > k2 = checksum( k1, U || P ) > > > Where 'U || P' is the username concatenated with the password (Uis
> known,
> P is not), k0 is the known key, k1 is the first checksum, and k2
is
the
> > value placed in the authentication table. > > > Convert the second checksum value into a machine independent form.
> Since we are not short on characters, express it as a hex string.
/* * kzsrded: decrypt block using Des Cipher block chaining Decryption. * buf is assumed to be a multiple of 2 */ STATICF void kzsrded(ks, buf, bufl, key, output) reg4 ub4 *ks; /* Key schedule. */ reg3 ub4 *buf; /* Buffer to checksum. */ reg0 size_t bufl; /* Number of ub4s in buf. */ reg1 ub4 *key; /* Initial value for key. */ reg2 ub4 *output; /* Result placedhere. */
ub4 acc[2]; /* Accumulator. */ ub4 ivec[2]; /* initial vector for reach round. */ ub4 svec[2]; /* saved initial vector for reachround. */
ivec[0] = key[0];
ivec[1] = key[1];
while (bufl > 0)
{
/* get input */
svec[0] =
acc[0] = *buf++;
bufl--;
svec[1] =
acc[1] = *buf++;
bufl--;
/* decrypt */
lmxeecb(ks, acc, acc);
/* do the xor for cbc into the output */
acc[0] ^= ivec[0];
acc[1] ^= ivec[1];
/* copy temp output */
*output++ = acc[0];
*output++ = acc[1];
/* save xor value for next round */
ivec[0] = svec[0];
ivec[1] = svec[1];
}
}
/* * kzsrdep: Perform decryption of password. * No attempt has been made to make this fast. */ size_t kzsrdep(pass, epass, epassl, key) ub1 *pass; /* -> return buffer */ ub1 *epass; /* -> unencripted password */ size_t epassl; /* length of unencripted password */ ub4 *key; /*initial key */
reg0 size_t uplongl; /* Number of ub4s in uplong. */ reg1 size_t nettextl; /* Number of ub1s in nettext. */ ub4 zeros[2]; /* Zeros passed to the decryptor. */ ub4 rresult[3+M_IDEN]; /* Raw result. */ ub4 ks[LMXEKSL]; /* Keyschedule. */
ub4 uplong[3+M_IDEN]; /* pwd asub4s. */
/* check that the pass is a multiple of 64 bits */ if (epassl%8) return(0);
/* Convert epass into array of ub4s. */ uplongl = kzsr1t4(epass, uplong, epassl);
/* Decrypt uplong using a known key and the cipher block chaining */
/* mode of DES. */ lmxegks(key, ks, FALSE); /* Generate keyschedule. */
kzsrded(ks, uplong, uplongl, zeros, rresult); /*decrypt. */
/* Convert rresult into array of ub1s. */ nettextl = kzsr4t1(rresult, pass, uplongl);
return(nettextl);
}
Received on Thu Mar 23 2006 - 11:06:44 CST