Hi Guys,

I have just released a free Oracle password cracker written completely
in PL/SQL on my website. The reason for doing this is to try and
encourage people to "test" passwords for strength in their own
databases. I am not seeing any real improvements in password strength
generally across the industry over the last 8 years.

It is not the intention to replace the fast C based crackers such as
woraauthbf but instead to suppliment it. In my experience I find that
people have not covered the bases yet, that is they still have passwords
set to usernames, passwords set to defaults and also extremely weak
passwords.

I often suggest to people to download binary based crackers but there is
often a reticence to do this. Hence I decided to create a PL/SQL based
one. This way there is no excuse, its a SQL script that can be run in
SQL*Plus and also its going to find the core issues anyway before you
need a faster cracker.

Some details on how it works and what it does are included in the page
http://www.petefinnigan.com/oracle_password_cracker.htm for the cracker.
You can also download it from the same page.

hope its useful

cheers

Pete