Sunday, July 4, 2010

Oracle 11i / 12 APPS Password Cracker

In Oracle EBS 11i and R12, the APPS password is used to encrypt FND user credentials, and the combination is stored in the ENCRYPTED_FOUNDATION_PASSWORD column of the FND_USER table. Any valid combination of login name, password, and the hash code should be able to decrypt the APPS password.

To decrypt the APPS password, you can use any login name as long as you know the password for this user; or you can use the internal user GUEST, which should be available in all instances.
The default password for user GUEST is ORACLE. Your DBA may change it to something else but you can find the value from this query:
SELECT B.PROFILE_OPTION_VALUE
  FROM FND_PROFILE_OPTIONS A
     , FND_PROFILE_OPTION_VALUES B
 WHERE A.PROFILE_OPTION_NAME='GUEST_USER_PWD'
   AND B.PROFILE_OPTION_ID=A.PROFILE_OPTION_ID; 

The Foundation Hash can be obtained by:
SELECT ENCRYPTED_FOUNDATION_PASSWORD 
  FROM FND_USER WHERE USER_NAME='GUEST';
-- Or any username of your choice.

Remember that the password may be case-sensitive, depending on the profile option. Use this query to check the password security settings of your instance:
SELECT A.PROFILE_OPTION_NAME
     , B.PROFILE_OPTION_VALUE
  FROM FND_PROFILE_OPTIONS A
     , FND_PROFILE_OPTION_VALUES B
 WHERE A.PROFILE_OPTION_NAME LIKE 'SIGNON%PASSWORD%'
   AND B.PROFILE_OPTION_ID=A.PROFILE_OPTION_ID;

Download the jar file appsPwd.jar and run it with java -jar appsPwd.jar (JRE 6 or higher). Enter your FND username, password, and ENCRYPTED_FOUNDATION_PASSWORD in the program, then click the button to get the almighty APPS password!

16 comments :

Anonymous said...

The form is not there. Where is it????
It always says "Service Temporarily Unavailable".

Anonymous said...

very good indeed.

Anonymous said...

Where is the form ?

KK said...

I cannot see the form

Oracle Dba Techniques said...

too good tool .... this is how oracle works ... shame

Anonymous said...

Feature works only if passwords are not migrated to non-reversible with SHA algorithm, which is very recommended.

Andrea said...

Very good. The idea is really nice, but at my side it's not working properly. I tried the form also, but it's not showing any result.
oracle ebs

Anonymous said...

It keeps giving page cannot be displayed on the form. Could you please check it.

Anonymous said...

The JSP page is still not available. Could you please see if the server is even up?

Anonymous said...

Please make it work... I need it

Anonymous said...

EXE is giving an Error >> could not find the main class.Program will exit.

Unknown said...

Exe complaining about the Class File. Did not work

Anonymous said...

Gives: Invalid or corrupt jarfile appsPwd.jar

Mahek said...

Gives error invalid or corrupt jar. Could you please check?

Mahek said...

This works now. Thank you.

Pankaj said...

Hi Christopher,

The appspwd link doesn't seem to be working.

Thanks,
Pankaj