Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Slides from Pete Finnigan Oracle Security webinar available"] [Next entry: "C code API to encapsulate OCI"]

A new version of the Oracle password cracker woraauthbf is available

The Oracle password cracker woraauthbf written by Laszlo Toth has been updated and released as a new version 0.21R2 (The R2) is the new part, so even if you are running version 0.21 then please download the new release. The fix relates to a bug I found in 11g that if more than one user has the same password the cracker found the first occurance only. The bug fix corrects this. This is minor as the cracker could be used without error on the earlier database releases and its unlikely that many people are running 11g in production yet anyway.

A binary version of the cracker is available here and the source code here.

Thanks to Laszlo for a great useful free tool to help secure Oracle databases.