quentinhardy / odat

ODAT: Oracle Database Attacking Tool

question on userlikepwd #18

Closed marcelosoyyo closed 6 years ago

marcelosoyyo commented 6 years ago

Hi, I've been testing the tool, and as I don't know Python I can't get much into the code. My question is: how does the tool manage to discover valid username/passwords that are not listed in the *.txt files when I execute the tool with a user that only has the create session privilege? I found it not only discovers the predefined users, but if I create any user with the same password as username, it detects it!

omair2084 commented 6 years ago

userlikepwd works by executing the query "select username from ALL_USERS". And it checks all users who have the same password as username.

http://www.dadbm.com/oracle-create-session-privilege/

quentinhardy commented 6 years ago

Yep. See https://github.com/quentinhardy/odat/blob/master/UsernameLikePassword.py
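
Editor's addition, not part of the thread and not ODAT code: a defender-side sketch for Oracle 12c+ that rejects username-like passwords at change time and flags the logon-failure pattern the check described above leaves behind. The function name, the "username plus digits" generalization, the one-hour window and the threshold of 5 are assumptions.

```sql
-- Added example (not ODAT code). Oracle 12c+; run as SYS.
-- reject_username_like_pwd is a hypothetical name.
CREATE OR REPLACE FUNCTION reject_username_like_pwd (
    username     VARCHAR2,
    password     VARCHAR2,
    old_password VARCHAR2
) RETURN BOOLEAN
IS
    u    VARCHAR2(128)  := UPPER(username);
    p    VARCHAR2(4000) := UPPER(password);
    tail VARCHAR2(4000);
BEGIN
    -- Exact match in any letter case: the condition userlikepwd looks for.
    IF p = u THEN
        raise_application_error(-20001, 'Password must not be the username');
    END IF;
    -- Generalization beyond the thread: username followed only by digits.
    IF LENGTH(p) > LENGTH(u) AND SUBSTR(p, 1, LENGTH(u)) = u THEN
        tail := SUBSTR(p, LENGTH(u) + 1);
        IF REGEXP_LIKE(tail, '^[0-9]+$') THEN
            raise_application_error(-20002,
                'Password must not be the username plus digits');
        END IF;
    END IF;
    RETURN TRUE;
END;
/

-- Enforced on password changes from now on; existing passwords are not
-- re-checked, so expire accounts that predate the profile change.
ALTER PROFILE DEFAULT LIMIT PASSWORD_VERIFY_FUNCTION reject_username_like_pwd;

-- Detection: record failed logons with the predefined unified audit policy.
AUDIT POLICY ORA_LOGON_FAILURES;

-- One host failing with ORA-01017 for many distinct accounts is what a
-- pass over ALL_USERS produces. Window and threshold are assumptions.
SELECT userhost,
       COUNT(DISTINCT dbusername) AS accounts_tried,
       MIN(event_timestamp)       AS first_seen,
       MAX(event_timestamp)       AS last_seen
FROM   unified_audit_trail
WHERE  action_name = 'LOGON'
AND    return_code = 1017
AND    event_timestamp > SYSTIMESTAMP - INTERVAL '1' HOUR
GROUP  BY userhost
HAVING COUNT(DISTINCT dbusername) >= 5
ORDER  BY accounts_tried DESC;
```

Because each account sees only a few failed attempts, a FAILED_LOGIN_ATTEMPTS lockout limit is unlikely to trip, which is why the query groups by source host rather than by account.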