MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / oracle_passwd

Function oracle_passwd

lib/utils/hash.py:201–217  ·  view source on GitHub ↗

Reference(s): https://www.evilfingers.com/tools/GSAuditor.php http://www.notesbit.com/index.php/scripts-oracle/oracle-11g-new-password-algorithm-is-revealed-by-seclistsorg/ http://seclists.org/bugtraq/2007/Sep/304 >>> oracle_passwd(password='SHAlala', salt='1B7B5F82

(password, salt, uppercase=True)

Source from the content-addressed store, hash-verified

199 return "0x%s" % (retVal.upper() if uppercase else retVal.lower())
200
201def oracle_passwd(password, salt, uppercase=True):
202 """
203 Reference(s):
204 https://www.evilfingers.com/tools/GSAuditor.php
205 http://www.notesbit.com/index.php/scripts-oracle/oracle-11g-new-password-algorithm-is-revealed-by-seclistsorg/
206 http://seclists.org/bugtraq/2007/Sep/304
207
208 >>> oracle_passwd(password='SHAlala', salt='1B7B5F82B7235E9E182C', uppercase=True)
209 'S:2BFCFDF5895014EE9BB2B9BA067B01E0389BB5711B7B5F82B7235E9E182C'
210 """
211
212 binsalt = decodeHex(salt)
213 password = getBytes(password)
214
215 retVal = "s:%s%s" % (sha1(password + binsalt).hexdigest(), salt)
216
217 return retVal.upper() if uppercase else retVal.lower()
218
219def oracle_old_passwd(password, username, uppercase=True): # prior to version '11g'
220 """

Callers

nothing calls this directly

Calls 2

decodeHexFunction · 0.90
getBytesFunction · 0.90

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…