

Here are some notes for Oracle-related forensics concerning Toad from Quest Software.

The CONNECTIONS.INI file stores connection information related to previously used connections. It contains the passwords, usernames, and servers the user connected to using Toad. During a forensics review, you will find bits and pieces of this file all over unallocated space and slack space, depending on how much the user used Toad.

In my experience with Oracle developers, I have found this file being traded among them, as it offers an easy way to pass connection information. Based on that, you should be able to see how easy it is for one user to obtain the credentials of another user and log in with them. All the user has to do is put the file in the proper spot, bring up Toad, and then click on the connection to log in.

Below is a sample of a CONNECTIONS.INI file.

No password checks are made by Toad, provided that the previous connection listed in the file was successful.

According to Scalzo's paper on securing Toad, the password entry for older versions (8.6-) of Toad may use the Caesar cipher encryption algorithm. Newer versions, my guess versions 9.0+, switched to AES for the password encryption. Somewhere after 9.0 they switched to two separate files, with CONNECTIONSPWDS.INI for the encrypted passwords and CONNECTIONS.INI for the rest of the connection information.
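An added example, not from the original post: a Python sweep for a forensic review that inventories every copy of CONNECTIONS.INI and CONNECTIONSPWDS.INI under a directory tree and groups byte-identical copies, which is what a traded file looks like on disk. The function names are this example's own, and files are read only to hash them, so no assumption is made about their internal layout.

```python
import hashlib
import os
import sys
from collections import defaultdict

# File names taken from the post; matched case-insensitively because
# copies passed between users do not always keep the original casing.
TARGETS = {"connections.ini", "connectionspwds.ini"}


def find_connection_files(root):
    """Walk root and return one record per Toad connection file found."""
    records = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() not in TARGETS:
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
                st = os.stat(path)
            except OSError:
                continue  # unreadable file: skip it, do not abort the sweep
            records.append({"path": path, "sha256": digest,
                            "size": st.st_size, "mtime": st.st_mtime})
    return records


def shared_copies(records):
    """Group records by content hash; keep hashes found at more than one path."""
    by_hash = defaultdict(list)
    for rec in records:
        by_hash[rec["sha256"]].append(rec["path"])
    return {h: sorted(p) for h, p in by_hash.items() if len(p) > 1}


if __name__ == "__main__":
    # Usage: python sweep.py <root>  (for example a mounted evidence image)
    recs = find_connection_files(sys.argv[1] if len(sys.argv) > 1 else ".")
    for rec in recs:
        print(rec["sha256"][:16], rec["size"], rec["path"])
    for digest, paths in shared_copies(recs).items():
        print("identical copy in", len(paths), "locations:", ", ".join(paths))
```

Run it against a read-only mount of the image or the user profile directories; identical hashes under different users' profiles point to the same connection file having been passed around.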
