[20171213]john破解oracle口令.txt

lfree發表於2017-12-13
Oracle

[20171213]john破解oracle口令.txt

--//跟別人討論的oracle破解問題,我曾經提過不要使用6位字元以下的密碼,其實不管那種系統低於6位口令非常容易破解.
--//而且oracle預設還保證舊口令模式在sys.user$檔案中,破解這個更容易.我僅僅寫一些例子:

1.環境:
SYS@book> @ &r/ver1
PORT_STRING                    VERSION        BANNER
------------------------------ -------------- --------------------------------------------------------------------------------
x86_64/Linux 2.4.xx            11.2.0.4.0     Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production

SYS@book> column spare4 format a62
SYS@book> select NAME,SPARE4,PASSWORD from sys.user$ where name='SCOTT';
NAME                 SPARE4                                                         PASSWORD
-------------------- -------------------------------------------------------------- ------------------------------
SCOTT                S:70863744165E30E16FA46A05043A7E858A7D98BC359FD004C4A628C3F80A F894844C34402B67

2.安裝john:
--//我選擇rpm包,很容易找到.步驟略.我安裝的版本:
$ john
John the Ripper password cracker, version 1.7.6-jumbo-12
...

3.破解:
--//建立檔案a.txt
$ cat a.txt
SCOTT:F894844C34402B67

$ john --format=oracle a.txt
Loaded 1 password hash (Oracle [oracle])
TIGER            (SCOTT)
guesses: 1  time: 0:00:00:00 100.00% (2) (ETA: Wed Dec 13 10:54:35 2017)  c/s: 56600  trying: TIGER

4.破解oracle 11g密碼:
--//建立檔案b.txt
$ cat b.txt
S:70863744165E30E16FA46A05043A7E858A7D98BC359FD004C4A628C3F80A

$ john --format=oracle11 b.txt
Loaded 1 password hash (Oracle 11g [oracle11])
tiger            (S)
guesses: 1  time: 0:00:00:00 100.00% (2) (ETA: Wed Dec 13 10:55:28 2017)  c/s: 80100  trying: tiger

--//基於英文字典的破解1秒都不到.
--//破解的記錄保證在在/home/oracle/.john/目錄的john.pot檔案,安全需要可以刪除.
--//修改為T1IGER,再次測試:

$ john --format=oracle a.txt
Loaded 1 password hash (Oracle [oracle])
Warning: mixed-case charset, but the current hash type is case-insensitive;
some candidate passwords may be unnecessarily tried more than once.
guesses: 0  time: 0:00:00:07 (3)  c/s: 694786  trying: 31044016
guesses: 0  time: 0:00:00:08 (3)  c/s: 702679  trying: DDAPH7
T1IGER           (SCOTT)
guesses: 1  time: 0:00:00:11 (3)  c/s: 738577  trying: T1IGER

--//6位的密碼11秒破解.

$ john --format=oracle11 b.txt
Loaded 1 password hash (Oracle 11g [oracle11])
guesses: 0  time: 0:00:00:02 (3)  c/s: 2534K  trying: bob1420
t1iger           (S)
guesses: 1  time: 0:00:00:03 (3)  c/s: 2581K  trying: t1iger

--//我修改3次,都記錄在a.txt:

$ john --format=oracle a.txt
Loaded 3 password hashes with no different salts (Oracle [oracle])
TIGER            (SCOTT)
Warning: mixed-case charset, but the current hash type is case-insensitive;
some candidate passwords may be unnecessarily tried more than once.
T1IGER           (SCOTT)
BOOKBOOK         (SCOTT)
guesses: 3  time: 0:00:01:53 (3)  c/s: 1037K  trying: BOOKBOOK


$ john --format=oracle11 b.txt
Loaded 3 password hashes with 3 different salts (Oracle 11g [oracle11])
tiger            (S)
t1iger           (S)
bookbook         (S)
guesses: 3  time: 0:00:00:33 (3)  c/s: 3526K  trying: bookbook

--//基於英文字典的破解非常快,3個口令2分鐘.

來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/267265/viewspace-2148643/,如需轉載,請註明出處,否則將追究法律責任。

相關文章