本文共 6986 字,大约阅读时间需要 23 分钟。
[20151008]8i-10g口令密码的加密算法.txt
--昨天晚上写了1篇关于11g密码问题,想看看8i-10g口令密码的加密算法,google半天竟然没找到。
--翻了一个电子文档找到相关内容做一个记录:Apress.Expert.Oracle.Practices.Jan.2010.pdf
1. Concatenate the username and password while also making the string Unicode for instance, for SYSTEM/MANAGER this
would be S0Y0S0T0E0M0M0A0N0A0G0E0R0. 2. Pad out the string with zeros to be a multiple of eight characters. This is not necessary if the memory holding the string is zeroed first, because it is then implicitly padded. 3. Using an encryption key of 0123456789ABCDEF, use Data Encryption Standard Cypher Block Checksum (DES CBC) mode to encrypt the username/password string. Note that CBC mode means that the first 8 bytes are encrypted and the result is XOR'd with the next 8 bytes, and then that is encrypted, and so on. When completed, the last input vector (the last XOR result) is used as the new encryption key for the second round. 4. Repeat all the preceding steps but use the encryption key extracted in step 3. This time, the last input vector is the result; the password hash stored in SYS.USER$.PASSWORD. The result is a "hash," not an encrypted value, even though a very popular encryption algorithm is used. This is because of the two stages used that make the final output nonrevisable, that is, it cannot be decrypted.--看看www.petefinnigan.com/testpwd.sql written in PL/SQL确定加密算法.
-- -----------------------------------------------------------------------------
-- WWW.PETEFINNIGAN.COM LIMITED -- ----------------------------------------------------------------------------- -- Script Name : testpwd.sql -- Author : Pete Finnigan -- Date : May 2009 -- ----------------------------------------------------------------------------- -- Description : This script can be used to test users passwords in databases -- of versions 7 - 10gR2 -- ----------------------------------------------------------------------------- -- Maintainer : Pete Finnigan ( -- Copyright : Copyright (C) 2008, 2009, PeteFinnigan.com Limited. All rights -- reserved. All registered trademarks are the property of their -- respective owners and are hereby acknowledged. -- ----------------------------------------------------------------------------- -- License : This software is free software BUT it is not in the public -- domain. This means that you can use it for personal or -- commercial work but you cannot remove this notice or copyright -- notices or the banner output by the program or edit them in any -- way at all. You also cannot host/distribute/copy or in anyway -- make this script available through any means either in original -- form or any derivitive work based on it. The script is -- only available from its own webpage -- or any other page that -- PeteFinnigan.com Limited hosts it from. -- This script cannot be incorporated into any other free or -- commercial tools without permission from PeteFinnigan.com -- Limited. -- -- In simple terms use it for free but dont make it available in -- any way or build it into any other tools. -- ----------------------------------------------------------------------------- -- Version History -- =============== -- -- Who version Date Description -- === ======= ====== ====================== -- P.Finnigan 1.0 May 2009 First Issue. -- P.Finnigan 1.1 May 2009 Added calls to upper for username/password -- Thanks to Kennie Nybo Pontoppidan. -- -- -----------------------------------------------------------------------------create or replace function testpwd(username in varchar2, password in varchar2)
return char authid current_user is -- raw_key raw(128):= hextoraw('0123456789ABCDEF'); -- raw_ip raw(128); pwd_hash varchar2(16); -- cursor c_user (cp_name in varchar2) is select password from sys.user$ where password is not null and name=cp_name; -- procedure unicode_str(userpwd in varchar2, unistr out raw) is enc_str varchar2(124):=''; tot_len number; curr_char char(1); padd_len number; ch char(1); mod_len number; debugp varchar2(256); begin tot_len:=length(userpwd); for i in 1..tot_len loop curr_char:=substr(userpwd,i,1); enc_str:=enc_str||chr(0)||curr_char; end loop; mod_len:= mod((tot_len*2),8); if (mod_len = 0) then padd_len:= 0; else padd_len:=8 - mod_len; end if; for i in 1..padd_len loop enc_str:=enc_str||chr(0); end loop; unistr:=utl_raw.cast_to_raw(enc_str); end; -- function crack (userpwd in raw) return varchar2 is enc_raw raw(2048); -- raw_key2 raw(128); pwd_hash raw(2048); -- hexstr varchar2(2048); len number; password_hash varchar2(16); begin dbms_obfuscation_toolkit.DESEncrypt(input => userpwd, key => raw_key, encrypted_data => enc_raw ); hexstr:=rawtohex(enc_raw); len:=length(hexstr); raw_key2:=hextoraw(substr(hexstr,(len-16+1),16)); dbms_obfuscation_toolkit.DESEncrypt(input => userpwd, key => raw_key2, encrypted_data => pwd_hash ); hexstr:=hextoraw(pwd_hash); len:=length(hexstr); password_hash:=substr(hexstr,(len-16+1),16); return(password_hash); end; begin open c_user(upper(username)); fetch c_user into pwd_hash; close c_user; unicode_str(upper(username)||upper(password),raw_ip); if( pwd_hash = crack(raw_ip)) then return ('Y'); else return ('N'); end if; end; /--他的算法是检测口令是否猜测正确的,我改一下看看:
create or replace function testpwd(username in varchar2, password in varchar2)
return char authid current_user is -- raw_key raw(128):= hextoraw('0123456789ABCDEF'); -- raw_ip raw(128); pwd_hash varchar2(16);procedure unicode_str(userpwd in varchar2, unistr out raw)
is enc_str varchar2(124):=''; tot_len number; curr_char char(1); padd_len number; ch char(1); mod_len number; debugp varchar2(256); begin tot_len:=length(userpwd); for i in 1..tot_len loop curr_char:=substr(userpwd,i,1); enc_str:=enc_str||chr(0)||curr_char; end loop; mod_len:= mod((tot_len*2),8); if (mod_len = 0) then padd_len:= 0; else padd_len:=8 - mod_len; end if; for i in 1..padd_len loop enc_str:=enc_str||chr(0); end loop; unistr:=utl_raw.cast_to_raw(enc_str); end; -- function crack (userpwd in raw) return varchar2 is enc_raw raw(2048); -- raw_key2 raw(128); pwd_hash raw(2048); -- hexstr varchar2(2048); len number; password_hash varchar2(16); begin dbms_obfuscation_toolkit.DESEncrypt(input => userpwd, key => raw_key, encrypted_data => enc_raw ); hexstr:=rawtohex(enc_raw); len:=length(hexstr); raw_key2:=hextoraw(substr(hexstr,(len-16+1),16)); dbms_obfuscation_toolkit.DESEncrypt(input => userpwd, key => raw_key2, encrypted_data => pwd_hash ); hexstr:=hextoraw(pwd_hash); len:=length(hexstr); password_hash:=substr(hexstr,(len-16+1),16); return(password_hash); end; begin unicode_str(upper(username)||upper(password),raw_ip); return crack(raw_ip); end; /-- 测试看看:
SYS@test> select name,password,spare4 from sys.user$ where name='SCOTT';
NAME PASSWORD SPARE4 -------------------- -------------------- -------------------------------------------------------------- SCOTT 57964D8CE8DC6EB2 S:F67125C76865130EB899ABB60A06C3D063A9A26CA2C95D76078DB11F1F0ASYS@test> select testpwd('scott','btbtms') c20 from dual ;
C20 -------------------- 57964D8CE8DC6EB2转载地址:https://blog.csdn.net/weixin_34326429/article/details/90274707 如侵犯您的版权,请留言回复原文章的地址,我们会给您删除此文章,给您带来不便请您谅解!