MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / oracle_old_passwd

Function oracle_old_passwd

lib/utils/hash.py:219–246  ·  view source on GitHub ↗

Reference(s): http://www.notesbit.com/index.php/scripts-oracle/oracle-11g-new-password-algorithm-is-revealed-by-seclistsorg/ >>> oracle_old_passwd(password='tiger', username='scott', uppercase=True) 'F894844C34402B67'

(password, username, uppercase=True)

Source from the content-addressed store, hash-verified

217 return retVal.upper() if uppercase else retVal.lower()
218
219def oracle_old_passwd(password, username, uppercase=True): # prior to version '11g'
220 """
221 Reference(s):
222 http://www.notesbit.com/index.php/scripts-oracle/oracle-11g-new-password-algorithm-is-revealed-by-seclistsorg/
223
224 >>> oracle_old_passwd(password='tiger', username='scott', uppercase=True)
225 'F894844C34402B67'
226 """
227
228 IV, pad = b"\0" * 8, b"\0"
229
230 unistr = b"".join((b"\0" + _.encode(UNICODE_ENCODING)) if ord(_) < 256 else _.encode(UNICODE_ENCODING) for _ in (username + password).upper())
231
232 if des.__module__ == "Crypto.Cipher.DES":
233 unistr += b"\0" * ((8 - len(unistr) % 8) & 7)
234 cipher = des(decodeHex("0123456789ABCDEF"), CBC, iv=IV)
235 encrypted = cipher.encrypt(unistr)
236 cipher = des(encrypted[-8:], CBC, iv=IV)
237 encrypted = cipher.encrypt(unistr)
238 else:
239 cipher = des(decodeHex("0123456789ABCDEF"), CBC, IV, pad)
240 encrypted = cipher.encrypt(unistr)
241 cipher = des(encrypted[-8:], CBC, IV, pad)
242 encrypted = cipher.encrypt(unistr)
243
244 retVal = encodeHex(encrypted[-8:], binary=False)
245
246 return retVal.upper() if uppercase else retVal.lower()
247
248def md5_generic_passwd(password, uppercase=False):
249 """

Callers

nothing calls this directly

Calls 4

desClass · 0.90
decodeHexFunction · 0.90
encodeHexFunction · 0.90
encryptMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…