Re: wrapping packages

Hi!

I think disassembling the code itself wouldn't be that condemnable (is this correct usage of the word?), but if anyone would start disributing the wrapping algorithm or spreading modified Oracle code, that would make Oracle wake up. After all, I do have the right to know, which code is executed on my computer (OTOH, I've not read any agreements too thoroughly, when downloading software).

Anyway, I don't have that much money to spend on lawyers than Oracle does, so I won't start spreading the results. And I probably won't have any results anyway, since I don't have that much spare time anymore, like Vladimir pointed out...

Tanel.

• Original Message ----- To: "Multiple recipients of list ORACLE-L" <ORACLE-L_at_fatcity.com> Sent: Sunday, September 21, 2003 8:39 PM

> Hi Peter, Tanel and Jared,
>
> Peter: I meant a public unwrap process not the internal mechanisms in
> the PL/SQL interpreter / VM.
>
> Tanel: I would be more worried about Oracle coming after you in the
> legally sense if you did reverse engineer the wrap process!!
>
> Jared: Are you sure that's how it works? do you have inside knowledge? -
> if it is this way, is it compiled P-Code or the intermediate DIANA
> representation? - if it were DIANA or p-code then Peter is wrong above
> as i would assume that instead of needing an un-wrapper that the VM /
> interpreter just loads p-code rather than calling the compiler first -
> if it is DIANA representation then that would mean loading somewhere in
> the middle of the normal process - or would it? - Is normal (non
> wrapped) pl/sql that is loaded into the cache held as p-code or DIANA -
> (or both?).
>
> I understood that the wrap process encoded or rather obfuscated the
> PL/SQL not encrypted it - I am not sure storing it as P-Code or diana
> would be secure as it should then be possible to extract enough
> structural program info from the database with the diana packages? or
> from the tables where the diana - or p-code is held.
>
> Anyway's Peter is right in some sense as I heard that some Russian guy
> is supposed to have reverse engineered the wrap process and un-encoded /
> decrypted all of the builtin packages and posted the code somewhere on
> the net - A guy from a security company in the states told me this some
> months ago but i haven't seen any discussion of it to confirm it.
>
> kind regards
>
> Pete
>
> --
> Pete Finnigan
> email:pete_at_petefinnigan.com
> Web site: http://www.petefinnigan.com - Oracle security audit specialists
> Book:Oracle security step-by-step Guide - see http://store.sans.org for
details.
>
> --
> Please see the official ORACLE-L FAQ: http://www.orafaq.net
> --
> Author: Pete Finnigan
> INET: oracle_list_at_peterfinnigan.demon.co.uk
>
> Fat City Network Services -- 858-538-5051 http://www.fatcity.com
> San Diego, California -- Mailing list and web hosting services
> ---------------------------------------------------------------------
> To REMOVE yourself from this mailing list, send an E-Mail message
> to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
> the message BODY, include a line containing: UNSUB ORACLE-L
> (or the name of mailing list you want to be removed from). You may
> also send the HELP command for other information (like subscribing).
>

-- 
Please see the official ORACLE-L FAQ: http://www.orafaq.net
-- 
Author: Tanel Poder
  INET: tanel.poder.003_at_mail.ee

Fat City Network Services    -- 858-538-5051 http://www.fatcity.com
San Diego, California        -- Mailing list and web hosting services
---------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).