Oracle database authentication protocol vulnerability opens door for brute-force attack

Computer Security
Typography

A serious vulnerability in the authentication protocol used by some Oracle databases is detected by a Researcher with Appsec tomorrow. The backdoor enables hackers to perform the brute force attack similar to the SHA1 password hack.

The authentication process currently used by Oracle databases - contacts the database server to get the session key back to the client, along with a salt. The vulnerability enables a hacker to link a specific session key with a  specific password hash.

The Researcher Esteban Martinez Fayo will demonstrate a proff-of-concept attack. Martinez first reported the bug in the Oracle database back in May 2010. Oracle did a great job fixing it in their next version, but left the current/previous version without the patch or other updates to get it fixed.

But they never fixed the current version, so the current 11.1 and 11.2 versions are still vulnerable. Martinez Fayo says, and Oracle has no plans to fix the flaws for version 11.1

Once the attacjer has a Session Key and a salt, the attacker can perform a brute force attack on the session key by trying millions of passwords per second until the correct on is found. This is very similar to a SHA-1 password hash cracking. Rainbow tables can't be used becayse there is a salt ussed for password hash generation, but advanced hardware can be used, like GPUs combined with advanced techniques like Dictionary hybrid attacks, which can make the cracking process much more efficient

If the vulnerability is widely deployed it is sure a one heck of the problem for IT firms and other services relying on oracle database. The oracle developers team should consider it as a dangerous backdoor which can put millions on passwords ready for the hackers to sneak upon.

Leave your comments

Post comment as a guest

0 Character restriction
Your text should be more than 5 characters
  • No comments found

Conversations

Guest - Abhishek Raut
Why you no bring Zenfone 2 into the game?
Guest - MrNicola
Tried you're force download method for 64bit and worked like a charm thanks.
Guest - Meeta
Hi,

The music starts on its own even wen it's not played.. Just on the touch of fone, without ev...
its working thnx.. but it is too lengthy process
Sign up via our free email subscription service to receive notifications when new information is available.