12345678910111213141516 |
- def oracle_passwd(password, salt, uppercase=True):
- """
- Reference(s):
- https://www.evilfingers.com/tools/GSAuditor.php
- http://www.notesbit.com/index.php/scripts-oracle/oracle-11g-new-password-algorithm-is-revealed-by-seclistsorg/
- http://seclists.org/bugtraq/2007/Sep/304
- >>> oracle_passwd(password='SHAlala', salt='1B7B5F82B7235E9E182C', uppercase=True)
- 'S:2BFCFDF5895014EE9BB2B9BA067B01E0389BB5711B7B5F82B7235E9E182C'
- """
- binsalt = hexdecode(salt)
- retVal = "s:%s%s" % (sha1(utf8encode(password) + binsalt).hexdigest(), salt)
- return retVal.upper() if uppercase else retVal.lower()
|