Date: Sat, 29 Sep 2012 00:12:27 +0530 From: Dhiru Kholia <dhiru.kholia@...il.com> To: john-users@...ts.openwall.com Subject: [PoC] Cryptographic flaws in Oracle Database authentication protocol Hi, See http://marcel.vandewaters.nl/oracle/security/cryptographic-flaws-in-oracle-database-authentication-protocol for details. Marcel has written "o5logoncrack" program to crack the password given AUTH_SESSKEY and AUTH_VFR_DATA. However Marcel hasn't released any algorithm details or source code. So, I spent the day trying to figure out the "cryptographic flaw" in O5LOGON protocol. I have successfully developed a PoC program to demonstrate the flaw. Algorithm: A key is generated by taking the SHA1 hash of candidate password and AUTH_VFR_DATA (salt). For details see, oracle11_fmt_plug.c or attached PoC code. This key is padded with zeroes to make the length 24 bytes. This serves as a key to AES192 algorithm (used in CBC mode with zero IV) which is used to decrypt AUTH_SESSKEY. We can now detect if the candidate password was correct by looking at the padding in the decrypted data. The last 8 bytes should have value 8 if the candidate password was right! This is the same trick which JtR uses to crack Apple's Keychain files. ➜ ~ python2 oracle.py 1765a4b8a50888bafa41d90adb2fc4eea2c7cc538fb7a1c5409f60f699f1ad11144750748aafe49d0808080808080808 282aad99efee163284f8c4392f88bd2998cf79a9b9e5bc614b07de62279357e6569136e1a436bd7c0808080808080808 07ebabdbee3a0eb0abe19f6812c1e3e65ae9fd7cb9caaee2fb2120d4af83de0c1e12dc012205a0750808080808080808 I will write a JtR format soon for this. From reading nmap-dev messages, it seems that AUTH_SESSKEY and AUTH_VFR_DATA values can be extracted silently. Time to learn Lua ;) -- Cheers, Dhiru Download attachment "oracle.py" of type "application/octet-stream" (1583 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.