Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Full disclosure list: Summary of the password algorithm and a C code plug-in for John The Ripper password cracker"] [Next entry: "1.02 Million hashes/second Oracle dictionary and brute force password cracker available"]

Alex has released version 1.1 of Checkpwd - the Oracle dictionary password cracker

Alex has just let me know that he has upgraded Checkpwd his dictionary based Oracle password cracker. It has been upgraded to version 1.1. The changes are summarised as follows:


1.0 - Initial Version

1.1 - Smaller Changes
Show Oracle Account Status (OPEN, EXPIRED, LOCKED)
Check for weak password = username
Linux Version (static, shared and standalone)
Dictionary file can now contain \n or \r\n
Dictionary converted to upper case"

The password cracker page - Oracle Password Checker (Cracker) has been updated with new links for the version 1.1 tools for Windows and Linux.

I have updated my Oracle Security Tools page with the new links.