Pen Testing Framework:
Orabf is an extremely fast offline brute force/dictionary attack tool that can be used when the particular username and hash are known for an Oracle account. Obviously the speed of the brute force attack slows down the longer the amount of characters that it is trying to brute force with but for short username/hash combinations it can be over a million tries per second.
It is available from here.
C:\orabf-v0.7.5>orabf [hash]:[username] [options]
-c [num] complexity: a number in [1..6] or a
In this case the in-built dictionary default.txt has been used to carry out a dictionary based attack.
In this case a brute force attack has been carried out specifying to orabf that it should start brute forcing with a password with a minimum length of 4 characters.
|© VulnerabilityAssessment.co.uk Thursday May 17, 2007|
html hit counter