SYMPliK Blog: Oracle 11i / 12 APPS Password Cracker

Sunday, July 4, 2010

Oracle 11i / 12 APPS Password Cracker

In Oracle EBS 11i and R12, the APPS password is used to encrypt FND user credentials and the combination is stored in FND_USER tables, ENCRYPTED_FOUNDATION_PASSWORD column. Any valid combination of login name, password, and the hash code should able to decrypt the APPS password.

To decrypt the APPS password, you can use any login name as long as you know the password for this user; or you can use the internal user GUEST, which should be available in all instances.
The default password for user GUEST is ORACLE. Your DBA may change it to something else but you can find the value from this query:

SELECT B.PROFILE_OPTION_VALUE
  FROM FND_PROFILE_OPTIONS A
     , FND_PROFILE_OPTION_VALUES B
 WHERE A.PROFILE_OPTION_NAME='GUEST_USER_PWD'
   AND B.PROFILE_OPTION_ID=A.PROFILE_OPTION_ID;

The Foundation Hash can be obtained by:

SELECT ENCRYPTED_FOUNDATION_PASSWORD 
  FROM FND_USER WHERE USER_NAME='GUEST';
-- Or any username of your choice.

Just to remind that password could be case-sensitive, depends on the profile option. Use this query to check the security measure on the password configuration of your instance:

SELECT A.PROFILE_OPTION_NAME
     , B.PROFILE_OPTION_VALUE
  FROM FND_PROFILE_OPTIONS A
     , FND_PROFILE_OPTION_VALUES B
 WHERE A.PROFILE_OPTION_NAME LIKE 'SIGNON%PASSWORD%'
   AND B.PROFILE_OPTION_ID=A.PROFILE_OPTION_ID;

Download the jar file appsPwd.jar, and run it by java -jar appsPwd.jar (JRE 6 or higher). Put your combination of your FND username, password, and ENCRYPTED_FOUNDATION_PASSWORD in the program. Click the button to get the almighty APPS password !

16 comments :

Anonymous said...: The form is not there. Where is it????
It always says "Service Temporarily Unavailable".; October 28, 2010 at 11:33 AM
Anonymous said...: very good indeed.; June 12, 2012 at 7:40 PM
Anonymous said...: Where is the form ?; August 6, 2012 at 2:17 AM
KK said...: I cannot see the form; August 22, 2012 at 6:25 AM
Oracle Dba Techniques said...: too good tool .... this is how oracle works ... shame; October 10, 2012 at 6:33 AM
Anonymous said...: Feature works only if passwords are not miggrated to non-reversible with SHA algorithm, which is very recommended.; January 30, 2013 at 4:36 AM
Andrea said...: Very good. The idea is really nice but at my side its not working properly. I tried the form also but its not showing any result.
oracle ebs; February 9, 2013 at 2:12 AM
Anonymous said...: It keeps giving page cannot be displayed on the form. Could you please check it.; July 16, 2013 at 10:21 AM
Anonymous said...: The JSP page is still not available. Could you please see if the server is even up?; August 19, 2013 at 1:05 PM
Anonymous said...: pleeege make it work....i need it; September 16, 2013 at 2:12 AM
Anonymous said...: EXE is giving an Error >> could not find the main class.Program will exit.; October 10, 2013 at 4:19 AM
Unknown said...: Exe complianing about the Class File.. Did not work; October 31, 2013 at 11:14 AM
Anonymous said...: Gives: Invalid or corrupt jarfile appsPwd.jar; November 4, 2013 at 7:59 AM
Mahek said...: Gives error invalid or corrupt jar. Could you please check?; November 25, 2013 at 6:51 AM
Mahek said...: This works now. Thank you.; January 10, 2014 at 9:59 AM
Pankaj said...: Hi Christopher,

The appspwd link doesn't seems to be working.

Thanks,
Pankaj; January 22, 2019 at 4:54 AM