Oracle toplink mapping workbench password algorithm now public
- From: Pete Finnigan <oracle_list@xxxxxxxxxxxxxxxxxxxxxxxxx>
- To: oracle-l@xxxxxxxxxxxxx
- Date: Thu, 29 Jan 2004 22:15:51 +0000
Hi everyone,
I thought people here should be aware of this issue. I came across some
pseudo code for the toplink workbench encryption algorithm and sample
code on a website to do the encryption manually without toplink
workbench. By definition decryption is now easy from this unfortunately.
I have added a link to the information to my Oracle security papers page
http://www.petefinnigan.com/orasec.htm
If you use this tool beware that the passwords in the xml file can be
decrypted.
kind regards
Pete
--
Pete Finnigan
email:pete@xxxxxxxxxxxxxxxx
Web site: http://www.petefinnigan.com - Oracle security audit specialists
Book:Oracle security step-by-step Guide - see http://store.sans.org for details.
----------------------------------------------------------------
Please see the official ORACLE-L FAQ: http://www.orafaq.com
----------------------------------------------------------------
To unsubscribe send email to: oracle-l-request@xxxxxxxxxxxxx
put 'unsubscribe' in the subject line.
--
Archives are at //www.freelists.org/archives/oracle-l/
FAQ is at //www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------
Other related posts:
- » Oracle toplink mapping workbench password algorithm now public
