Alexander Kornbrust of red database security just released the much anticipated checkpwd oracle cracking tool. This release has much improvement over the previous releases. Some of those include:
* support for Oracle 11g passwords
* support for APEX passwords (1.4-3.0.1)
* collect passwords from the database
* collect password candidates from the database
* option not to display the oracle password in command line
* crack passwords from the password history
* crack role passwords
* save checkpwd default configuration in a configuration file
* read username and password hashes from a file
Well, personally i had tried the version 1.21 months ago and it wasn't bad after all. And now comes version 2? You bet, it will be so much interesting to test out the new features and see how the tool produce the results. Weeks ago, THC, a german underground hacking community released oracle 11g password cracker and i must admit that i haven't tried it yet, but now Alex had incorporated checkpwd 2.00 with oracle database 11g password cracking abilities.
For those who don't know, Alex is a world renowned oracle security expert. He is constantly reporting oracle bugs to Oracle and had published a lot of whitepapers and giving talks at conferences regarding oracle security. I had met him once in Dubai and i must say he is a humble and patient person with amazing oracle security knowledge. To find out more, check him out at the following links
http://www.red-database-security.com
http://blog.red-database-security.com
The Hacka Man
Rabu, 24 Oktober 2007
Checkpwd 2.00 A12 released
21.01
No comments
Langganan:
Posting Komentar (Atom)
0 komentar:
Posting Komentar