Recently I have discovered a powerfull inverse dictionary web-based. A inverse dictionary use the hash (password encryted) to get the password (in readble format). Usually you can get the hash in the next ways;
For Oracle database, versions 8,9,10 (in 11 and 12 it is possible too but you need query another view);
select passsword from dba_user where username =’SYSTEM’
select password from user where username=’root’ — Remember this engine is case sensitive by default
The web link to this tool;
It supports a lot of algorithms but not support hash with salt, salt concept in cryptography is similar to create a random number and use “add” to clear password or username with the propourse the create hash specific for one system (machine, database, app).
Inverse dictionary is a table with all or many possibles passwords for a specific user (usually system, root…). I have tried a pair the mysql database (root user) and it works fine. In the Oracle case doesn’t because of since version 11 Oracle uses salted hash.
HTH – Antonio NAVARRO