Penetration Testing mailing list archives
Re: [PEN-TEST] Oracle USER$ password hashes
From: Nicolas Gregoire <nicolas.gregoire () 7THZONE COM>
Date: Thu, 9 Nov 2000 15:33:03 +0100
Olle Segerdahl a écrit :
... Since the hashes are always the same for the same password, it most definately isn't salted.... ... change_on_install = D4C5016086B2DC6A manager = D4DF7931AB130E37
Are the first 2 characters always "D4" ? It could the fixed salt, ie. $crypted = unkown-crypt("D4", $clear);
Current thread:
- [PEN-TEST] Oracle USER$ password hashes Olle Segerdahl (Nov 10)
- Re: [PEN-TEST] Oracle USER$ password hashes Nicolas Gregoire (Nov 10)
- Re: [PEN-TEST] Oracle USER$ password hashes Olle Segerdahl (Nov 10)
- Re: [PEN-TEST] Oracle USER$ password hashes Stefan Aeschbacher (Nov 10)
- Re: [PEN-TEST] Oracle USER$ password hashes Edwards, Steve (Nov 10)
- Re: [PEN-TEST] Oracle USER$ password hashes Stefan Aeschbacher (Nov 11)
- Re: [PEN-TEST] Oracle USER$ password hashes Edwards, Steve (Nov 11)
- Re: [PEN-TEST] Oracle USER$ password hashes John Lauro (Nov 11)
- Re: [PEN-TEST] Oracle USER$ password hashes Pete Krawczyk (Nov 11)
- Re: [PEN-TEST] Oracle USER$ password hashes Olle Segerdahl (Nov 10)
- Re: [PEN-TEST] Oracle USER$ password hashes Nicolas Gregoire (Nov 10)
- Re: [PEN-TEST] Oracle USER$ password hashes (Summary) Dragos Ruiu (Nov 16)