ORABF是一款暴力破解oracle用户密码的软件,使用方法如下:
orabf v0.7.6, (C)2005 orm@toolcrypt.org
---------------------------------------
usage: orabf [hash]:[username] [options]
options:
-c [num] complexity: a number in [1..6] or a filename
- read words from stdin
[file] read words from file
1 numbers
2 alpha
3 alphanum
4 standard oracle (alpha)(alpha,num,_,#,$)... (default)
5 entire keyspace (' '..'~')
6 custom (charset read from first line of file: charset.orabf)
-m [num] max pwd len: must be in the interval [1..14] (default: 14)
-n [num] min pwd len: must be in the interval [1..14] (default: 1)
-r resume: tries to resume a previous session
示例:
首先查询DBA_USERS视图获取用户名称和加密后的密码。在11g下,dba_users视图下的password为空,此时,可以使用user$
SQL> select name,password from user$ where name='EASY';
NAME PASSWORD
------------------------------ ------------------------------
EASY 14707135C9262A03
然后,我们使用orabf破解
[easy@easy orabf-v0[1].7.6]$ wine orabf.exe 14707135C9262A03:easy -c 2
orabf v0.7.6, (C)2005 orm@toolcrypt.org
---------------------------------------
Trying default passwords...
password found: EASY:EASY
换一个复杂一些的密码:
SQL> conn easy/easy
已连接。
SQL> alter user easy identified by wsngd;
用户已更改。
SQL> conn / as sysdba
已连接。
SQL> select name,password from user$ where name='EASY';
NAME PASSWORD
------------------------------ ------------------------------
EASY 8C2E5A3EDFC66102
[easy@easy orabf-v0[1].7.6]$ wine orabf.exe 8C2E5A3EDFC66102:easy -c 2
orabf v0.7.6, (C)2005 orm@toolcrypt.org
---------------------------------------
Trying default passwords...warning: couldn't open default.txt...done
Starting brute force session using charset:
ABCDEFGHIJKLMNOPQRSTUVWXYZ
press 'q' to quit. any other key to see status
password found: EASY:WSNGD
10854042 passwords tried. elapsed time 00:00:12. t/s:877149
速度还是比较快的