Monday, June 3, 2013

Retrieve Oracle password from Toad for Oracle

One of the oldest feature Dell Toad has is saving login passwords. This is accomplish easy with enabling check box "Save passwords" on login screen.
The whole connection process is defined through three files located in %USERPROFILE%\AppData\Roaming\Quest Software\Toad for Oracle\11.6\User Files\, where "11.6" is Toad version and may vary in your cases:
  1. CONNECTIONS.INI
  2. CONNECTIONACTIONS.INI
  3. CONNECTIONPWDS.INI
Passwords are stored in encrypted way in CONNECTIONPWDS.INI file. However they are not exposed in any normal way (you can read them) but only to use them as login without knowing password, which was once placed. This may raised some security issue, which I'll cover at the end. But having stored passwords allow Toad many beautiful automation and wide a lot actions that might need password as input. However, saving passwords also gave me additional feature (which is originally mine trick)-a way to retrieve Oracle passwords from any saved connection.

The solution

The trick is based on another Toad for Oracle feature-get SQL for any kind of DDL action, which was performed through GUI, in this case creating db link. Here is what you have to do to retrieve scott password:
  1. Connect in Toad as any user for which you DO NOT WANT TO RETRIEVE password (in mine case this is vadas user)
  2. Choose Database|Create|DB Link menu item
  3. Fill data as shown in the picture:

    As you can see I have chosen scott user and password is automatically retrieved from saved passwords file.
  4. Choose Show SQL as shown in the picture and you'll get pure SQL which contains password

And that's it! Pretty cool isn't it?
The trick is working for every user's password. In next case I'm showing how to retrieve sys password, retrieved through scott connection.

The End

Someone might say this is security issue, but I do strongly think it is not! Mentioned file with stored passwords is encrypted with two keys:
  1. Domain user name
  2. Some kind of workstation unique hash value
These ensures that password file cannot be copied to another workstation and Domain admins (or other privileged users on that workstation) cannot use that file in any way! For me this is more then fair insurance.

Keep in mind that newer releases of Toad do not use "workstation unique hash value", but only domain username as a pattern for hashing. Check and test before dropping old laptop data. For the end let me tell that if someone find storing password as a security issue regardless motioned, he/she can always disable that option and live with shorter
Hope this helps someone.

Cheers!

39 comments:

  1. Very nice hint. Keep on sharing things dude.

    ReplyDelete
  2. Glad to help you guys.
    Right now I'm asking Dell technical stuff to leave that "hidden" feature in future versions ...

    ReplyDelete
  3. Replies
    1. I'm not sure, now when I left genie out of the bottle, Dell's management might shutdown this feature if they found out ....
      8(

      Delete
  4. woow. simple yet a gr8 trick.

    ReplyDelete
  5. Wow, great work!!!
    Thanks very much!

    ReplyDelete
  6. Thanks!! this saved a ton of trouble...

    ReplyDelete
  7. Thank you for sharing this very good job.

    When I searched for solution of lost password problem (and found your great solution), I found one online web service which get you all your toad passwords as html document, you just need have access to connectionpwds.ini file on your hard drive:

    http://www.talkingbyte.com/index.php?page=connectionpwds

    ReplyDelete
    Replies
    1. Radovan,
      THX for your post.
      Your link shocked me. I thought things are little more complicated.
      Brg
      Damir

      Delete
    2. Did you consider a security issue posting the passwords file to a third party?

      Delete
    3. do not follow you!?
      Please explain.

      Delete
  8. Thank you very much, I was in a dilemma on how to deal with this issue as I wanted to login into the database to resolve something quickly.
    Your resolution came to the rescue and made my day :) ...My sincere thanks to you....

    ReplyDelete
  9. Excelente!!! Muchas gracias!!! :D

    ReplyDelete
  10. Thanks a lot for the trick

    ReplyDelete
  11. Genie was left out of the bottle...

    ReplyDelete
  12. this is the best way to retrive password from Toad

    ReplyDelete


  13. this is a best blog all recovery service provide in this blog other information our site recoveryourpassword

    ReplyDelete
  14. Best blog...thank you.

    ReplyDelete
  15. recovered my password..very useful info for those who are using TOAD...thanks!!

    ReplyDelete
  16. wooow... this trick is working, thanks a lot

    ReplyDelete
  17. Excellent - Thank you so very much!!

    ReplyDelete
  18. What about TOAD for MySQL ? any trick ?

    ReplyDelete
  19. This comment has been removed by a blog administrator.

    ReplyDelete
  20. Thank you very much for the post... Saved me a days of time

    ReplyDelete
  21. No more works with Toad 13.1 Genie is locked in bottle again :)

    ReplyDelete
    Replies
    1. i know...already took message that I have loose ghost from the bottle.

      Delete
  22. man that helped me like more than you can think

    ReplyDelete
  23. This comment has been removed by a blog administrator.

    ReplyDelete