Database Reference
In-Depth Information
Here is an example that works with 12c (B2) both for *nix and Windows:
[oracle@orlin ~]$ python dblinkdec.py
075C39BA57DD7FC8F7F29BAAA2D1026982559D120F9D03D98745D949AF19F0345BCC3828592055EA7E8F7E5DC1D9
BD5D444FFBA516CF3D109005BD963BC2521E715D3EC32D1C8518AD49B6F37B6699E7715FFA24ACF7D697E75A7078
B05E113F927C56D4D1A178034591D5FF56FD383AB3E7A2391D55EEC105921EFA617900DF
The link password is: MYPW!
Here is a look at Laszlo's code, which achieves that decryption:
from binascii import *
from Crypto.Cipher import AES
from struct import *
import sys
chooser=[0x00,0x02,0x00,0x01,0x06,0x00,0x00,0x00,0x00,0x00,0x02,0x02,0x02,0x00,0x00,0x00,0x01,0x
--8<--snip
x00,0x00,0x00,0x02,0x00,0x00,0x03]
hexsha256res="D09E63737B42C2E5068CF0E5D027AE73EA00498127C83383CF8470C6AFD1AD39"
sha256res=bytearray(unhexlify(hexsha256res))
hexpasswordx=sys.argv[1]
passwordx=bytearray(unhexlify(hexpasswordx))
chooser_offset=passwordx[1]*64
ch=1
px=0
toxor=bytearray(64)
i=0
for i in range(64):
ch=chooser[i+chooser_offset]+ch+1
px=passwordx[ch]
toxor[i]=px
keyba=bytearray(32)
for i in range(32):
keyba[i]=toxor[i]^sha256res[i]
key="".join(map(chr, keyba))
iv="".join(map(chr, chooser[chooser_offset:]))
encr="".join(map(chr, toxor[32:]))
cr=AES.new(key, AES.MODE_CBC, iv[0:16])
decr=cr.decrypt(encr)
pwd_len,=unpack("b",decr[0])
pwd=decr[1:pwd_len+1]
print "The link password is: %s!" % (pwd,)
