Reference(s): http://www.notesbit.com/index.php/scripts-oracle/oracle-11g-new-password-algorithm-is-revealed-by-seclistsorg/ >>> oracle_old_passwd(password='tiger', username='scott', uppercase=True) 'F894844C34402B67'
(password, username, uppercase=True)
| 217 | return retVal.upper() if uppercase else retVal.lower() |
| 218 | |
| 219 | def oracle_old_passwd(password, username, uppercase=True): # prior to version '11g' |
| 220 | """ |
| 221 | Reference(s): |
| 222 | http://www.notesbit.com/index.php/scripts-oracle/oracle-11g-new-password-algorithm-is-revealed-by-seclistsorg/ |
| 223 | |
| 224 | >>> oracle_old_passwd(password='tiger', username='scott', uppercase=True) |
| 225 | 'F894844C34402B67' |
| 226 | """ |
| 227 | |
| 228 | IV, pad = b"\0" * 8, b"\0" |
| 229 | |
| 230 | unistr = b"".join((b"\0" + _.encode(UNICODE_ENCODING)) if ord(_) < 256 else _.encode(UNICODE_ENCODING) for _ in (username + password).upper()) |
| 231 | |
| 232 | if des.__module__ == "Crypto.Cipher.DES": |
| 233 | unistr += b"\0" * ((8 - len(unistr) % 8) & 7) |
| 234 | cipher = des(decodeHex("0123456789ABCDEF"), CBC, iv=IV) |
| 235 | encrypted = cipher.encrypt(unistr) |
| 236 | cipher = des(encrypted[-8:], CBC, iv=IV) |
| 237 | encrypted = cipher.encrypt(unistr) |
| 238 | else: |
| 239 | cipher = des(decodeHex("0123456789ABCDEF"), CBC, IV, pad) |
| 240 | encrypted = cipher.encrypt(unistr) |
| 241 | cipher = des(encrypted[-8:], CBC, IV, pad) |
| 242 | encrypted = cipher.encrypt(unistr) |
| 243 | |
| 244 | retVal = encodeHex(encrypted[-8:], binary=False) |
| 245 | |
| 246 | return retVal.upper() if uppercase else retVal.lower() |
| 247 | |
| 248 | def md5_generic_passwd(password, uppercase=False): |
| 249 | """ |