Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Alex has added a page to compare the available Oracle password crackers"] [Next entry: "Congratulations to Mark Rittman on for Oracle magazines Oracle ACE of the year 2005"]

0rm's Oracle password cracker orabf has been updated

0rm has emailed me today to let me know that he has made a small bug fix to the Oracle brute force and dictionary password cracker. It has been upgraded to version 0.7.2. The bug was in the pre-fetch code where passwords that were a multiple of 4 characters were not cracked. This bug only affected brute force mode and not the dictionary mode.

There is also a good discussion going on over on my Oracle Security forum about 0rm's Oracle password cracker.