Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ) ( ( )
- ( /( )\ ) )\ ) ( ( /( * )
- )\()) ( (()/( (()/( ( )\ )\())` ) /(
- ((_)\ )\ /(_)) /(_)))((_)((_)\ ( )(_))
- _((_) _ ((_)(_)) (_)) ((_)_ ((_)(_(_())
- | \| || | | || | | | | _ ) / _ \|_ _|
- | .` || |_| || |__ | |__ | _ \| (_) | | |
- |_|\_| \___/ |____||____||___/ \___/ |_|
- The following is a leak of the UCD's dba config sql file
- I have no clue if it is useful or not... I am but a sciddie
- It does say in the file: "Get the encrypted password of the user (requires DBA privilege)"
- And it includes possible a password hash: "define _password = "AEF42D39C3600AD4""
- So i decided to share my find
- FILE LINK = http://members.nova.org/~shperl/Oracle/dba_conn.sql
- ++++++++++++++++++ENJOY+++++++++++++++++++++
- ------------------------------------------------------------------------------------------------------------------------
- REM
- REM.................................................................
- REM University of California, Davis
- REM Procedure Name : dba_conn.sql
- REM Author : Tim L. Olesen
- REM (Original concept developed by Thomas A. Grayson)
- REM Date Completed : 11-OCT-90
- REM Version : V01-001
- REM Location : $ORACLE_HOME/tools/odms/frm
- REM
- REM Execute Commands : start dba_conn.sql
- REM Purpose:
- REM
- REM This SQL script allows any user with DBA privilege to connect to
- REM another user's account without a password. It accepts a parameter
- REM for the name of the user to connect to and does the rest. The
- REM password of the latter user does not change.
- REM
- REM Bugs: A non-DBA will be able to connect to the user with this routine
- REM if that user's password happens to be 'temporary_dummy_password_'.
- REM This password was selected to make this occurrence unlikely. If the
- REM user is a DBA and the user to connect to doesn't exist, then the
- REM user will be created with a password of 'temporary_dummy_password_'.
- REM
- REM Modification History:
- REM Revised By Date Version Description
- REM ---------- -------- ------- --------------------------------
- REM mm/dd/yy Vxx-xxx
- REM
- REM Input/Output:
- REM Log. Name File Name Description
- REM --------- --------- ------------------------------------
- REM
- REM Parameters:
- REM Name Description
- REM ---- -----------------------------------------------------
- REM
- REM.................................................................
- REM
- REM set termout off
- set echo off
- set verify off
- set pause off
- REM
- REM
- REM Set the variable '_password' equal to the encrypted value of
- REM 'temporary_dummy_password_' as a default if the password query
- REM returns no rows
- REM
- define _password = "AEF42D39C3600AD4"
- REM
- REM Get the encrypted password of the user (requires DBA privilege)
- REM
- column password new_value _password noprint
- accept USERNAME prompt "Connect as user named : "
- select password from dba_users where username = upper('&&USERNAME');
- REM
- REM Change the password of the user to 'temporary_dummy_password_'
- REM (requires DBA privilege)
- REM
- alter user &&USERNAME identified by temporary_dummy_password_;
- REM
- REM Connect to the user using the password 'temporary_dummy_password_'
- REM
- connect &USERNAME/temporary_dummy_password_
- REM
- REM Reset the encrypted password using the undocumented VALUES keyword
- REM to GRANT
- REM
- alter user &&USERNAME identified by values '&&_password';
- REM
- REM Clean up the tracks
- REM
- set termout on
- column password clear
- undefine _password
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement