hash_1_7.py 638 B

12345678910111213141516
  1. def oracle_passwd(password, salt, uppercase=True):
  2. """
  3. Reference(s):
  4. https://www.evilfingers.com/tools/GSAuditor.php
  5. http://www.notesbit.com/index.php/scripts-oracle/oracle-11g-new-password-algorithm-is-revealed-by-seclistsorg/
  6. http://seclists.org/bugtraq/2007/Sep/304
  7. >>> oracle_passwd(password='SHAlala', salt='1B7B5F82B7235E9E182C', uppercase=True)
  8. 'S:2BFCFDF5895014EE9BB2B9BA067B01E0389BB5711B7B5F82B7235E9E182C'
  9. """
  10. binsalt = hexdecode(salt)
  11. retVal = "s:%s%s" % (sha1(utf8encode(password) + binsalt).hexdigest(), salt)
  12. return retVal.upper() if uppercase else retVal.lower()