process for each character.
Although the password is encrypted, it is possible to discover it. After
further investigation and reverse engineering of the pre-compiled Lua binaries of
the Publique! framework, it appears that the encryption algorithm used is
reversible (i.e. it is not a hashing function).
Basically, before storing passwords in the database, the framework encrypts
them with two CGILUA [4] built-in functions: "crypt()" [5] and "encode()" [6].
Since the key used by the encryption algorithm is hard-coded in the Publique!
binaries, it is possible to retrieve the plain password from the ciphertext by
against SSL connections and monitor or tamper with the traffic to secure
websites or email servers.
The infrastructure of Certification Authorities is meant to prevent exactly
this type of attack. Our work shows that known weaknesses in the MD5 hash
function can be exploited in a realistic attack, because even after
years of warnings about the lack of security of MD5, some root CAs are still
using this broken hash function.
More details:
http://www.phreedom.org/research/rogue-ca/
Another obstacle is the fact that the Intel Compiler, which was used to compile the Oracle executable, uses an optimization which resulted in there being no cross references (XREFs) to code or data in several segments. Thus we could not see from where, for example, an S-Box is accessed in the code. So we used the IDA API to implement a tool which automatically finds these PC-relative offset calculations and adds XREFs to the IDB. One can only assume that Oracle uses the Intel compiler because no other compiler would produce efficient enough code to run this behemoth of a binary at acceptable speed.
We also combined the static analysis of the disassembled Oracle executable with a runtime analysis using ltrace and the precious GNU debugger GDB. Have you ever tried to attach to more than two dozen processes with GDB and set a few hundred breakpoints in batch mode? It's real fun.
Anyway, what were we looking for? We were looking for some kind of "create password hash" function, which generates and stores a 30-byte ASCII-hex encoded sequence in table sys.user in a field called "spare4".
After running into various hashing and cipher functions (Oracle actually does Kerberos, AES for TLS, etc.), we found the appropriate hashing function.
There is a function called ztv2ghashs, which takes the following arguments: a password, the password length, a salt value, the salt length, a hashing algorithm identifier and a structure which holds the calculated hash value as result.