〖Environment(环境)〗 OS:Windows XP DB:ORACLE10G TOOL:orabf-v0.7.6 〖Cause(原理) 〗 orabf-v0.7.6是一款基于数据字典,破解ORACLE密码的工具,也是ORACLE密码破解目前最快的工具。它甚至能破解SYS的密码。功能非常强大,如果密码的长度很长,则需要花费很长的时间进行破解。 下面的例子将把下载的orabf-v0.7.6解压到C:/orabf-v0.7.6 〖Action(方法) 〗 破解案例一:破解普通用户 Step01:创建测试用户u1 SQL> create user u1 identified by t5593; 用户已创建。 SQL> Step02:得到用户的加密密码 SQL> select username,password from dba_users where username='U1'; USERNAME PASSWORD ------------------------------ ------------------------------ U1 75789C9844E63228 Step03:根据加密密码破解用户u1的密码 C:/orabf-v0.7.6>orabf75789C9844E63228:U1 orabf v0.7.6, (C)2005 orm@toolcrypt.org --------------------------------------- Trying default passwords...done Starting brute force session using charset: #$0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_ press 'q' to quit. any other key to see status current password: F6IPF 13656128 passwords tried. elapsed time 00:00:11. t/s:1153024 password found: U1:T5593 45964574 passwords tried. elapsed time 00:00:41. t/s:1110088 快速破解出用户U1的密码是T5593 破解案例二:破解SYS用户的密码 Step01:得到用户的加密密码 SQL> select username,password from dba_users where username='SYS'; USERNAME PASSWORD ------------------------------ ------------------------------ SYS CEEFED71DA7851B3 Step02:根据加密密码破解用户SYS的密码 C:/orabf-v0.7.6>orabf CEEFED71DA7851B3:sys orabf v0.7.6, (C)2005 orm@toolcrypt.org --------------------------------------- Trying default passwords...done Starting brute force session using charset: #$0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_ press 'q' to quit. any other key to see status password found: SYS:WY 921 passwords tried. elapsed time 00:00:00. t/s:1 快速破解出用户SYS的密码是WY
