Oracle database authentication protocol vulnerability opens door for brute-force attack

Computer Security

A serious vulnerability in the authentication protocol used by some Oracle databases is detected by a Researcher with Appsec tomorrow. The backdoor enables hackers to perform the brute force attack similar to the SHA1 password hack.

The authentication process currently used by Oracle databases - contacts the database server to get the session key back to the client, along with a salt. The vulnerability enables a hacker to link a specific session key with a  specific password hash.

The Researcher Esteban Martinez Fayo will demonstrate a proff-of-concept attack. Martinez first reported the bug in the Oracle database back in May 2010. Oracle did a great job fixing it in their next version, but left the current/previous version without the patch or other updates to get it fixed.

But they never fixed the current version, so the current 11.1 and 11.2 versions are still vulnerable. Martinez Fayo says, and Oracle has no plans to fix the flaws for version 11.1

Once the attacjer has a Session Key and a salt, the attacker can perform a brute force attack on the session key by trying millions of passwords per second until the correct on is found. This is very similar to a SHA-1 password hash cracking. Rainbow tables can't be used becayse there is a salt ussed for password hash generation, but advanced hardware can be used, like GPUs combined with advanced techniques like Dictionary hybrid attacks, which can make the cracking process much more efficient

If the vulnerability is widely deployed it is sure a one heck of the problem for IT firms and other services relying on oracle database. The oracle developers team should consider it as a dangerous backdoor which can put millions on passwords ready for the hackers to sneak upon.

Leave your comments

Post comment as a guest

0 Character restriction
Your text should be more than 5 characters
  • No comments found
Sign up via our free email subscription service to receive notifications when new information is available.


Guest - Christiana_Antiga
Facebook hiding your profile from certain people and / or a limited profile offering several levels ...
Guest - Christiana_Antiga
Great post! Thanks for sharilng
Sorry for getting back so late. I was busy with my exams.

Glad I could help.

Why don't you re...
Guest - Om tripathi
thanks brother,
yes i am aware of that i play games on their low graphics quality
i am not a big f...
Hello Om,

I did used this laptop to play games on the bundled 4GB Ram, games didn't perform well ...