How to crack Oracle Passwords : 5 best tools

This page will give you the best tools to crack your Oracle hashes

Oracle database : 5 best tools to crack passwords

Blog Single

Intro

After the posting of the Oracle password algorithm in the comp.database.oracle.server newsgroup they are a lot of free and commerical Oracle Password Cracker available.

Orabf

Orabf is an extremely fast offline brute force/dictionary attack tool that can be used when the particular username and hash are known for an Oracle account. Obviously the speed of the brute force attack slows down the longer the amount of characters that it is trying to brute force with but for short username/hash combinations it can be over a million tries per second.

Repscan

Repscan (Commercial and Trial) - No bruteforce - Can connect to the database and check multiple accounts in one step , Oracle Easy Connect, support for 11g, OID, APEX, OVS.
It is also able to detect unsecure PL/SQL code, unsecure system configurations, database modifications, weak/default database/apex/oid passwords, forensic traces.

Checkpwd

Checkpwd (Free) is another dictionary based password checker for Oracle databases. This is a useful tool for DBA's to identify Oracle accounts with weak or default passwords. Available on Windows ad Linux.

oclhashcat

oclhashcat is available on Windows, Linux and OSX and uses your GPU card(s). It can crack these Oracle algorithms :

  • Oracle S: Type (Oracle 11+)
  • Oracle H: Type (Oracle 7+)
  • Oracle T: Type (Oracle 12+)

John The Ripper

Available on Windows, Linux and OSX John The Ripper supports these algo :

  • Oracle 7+
  • Oracle 11g

Note

We can help you to attempt to recover your Oracle hash : contact us.

Share this Post: