Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Two excellent papers on a new method to combat parameter validation and SQL Injection"] [Next entry: "Is it just me or is Orablogs not reachable again?"]

Hashattack 2.0 tool : ooops incorrect link on the tools page

I have had a few emails from people asking me about the hashattack 2.0 tool written by Josh Wright that can be used to pre-compute password hashes from a dictionary of common words for a specific database users. The results stored in a table can then be easily re-used for ongoing checks for the same user in the same database or any other database.

I announced this tool here a few posts ago and added it to my Oracle Security Tools page but unfortunately I got the URL wrong. The URL on my tools page has now been corrected.

There is also currently a thread on my Oracle Security Forum discussing this tool.