5.3. Wrapped PL/SQL
Oracle provides PL/SQL developers with a facility to encrypt their code once written. When PL/SQL code is encrypted, it is described as being "wrapped." Code is wrapped by using the wrap utility, which takes the name of the file that contains the code to be wrapped and the output file:
wrap iname=cleartext.sql oname=encrypted.plb
Because it's encrypted, the details of the code are hidden; and Oracle provides no unwrap facility. However, you can create your own unwrap utility. It's long been held by Oracle developers that it's not possible to decrypt the wrapped code, but the security community has known otherwise for a long time. Gareth James, one my colleagues at NGSSoftware, wrote an unwrapper in early 2004. Before then, I'd been simply extracting the source from a debugger session. By all accounts, a Russian developer was selling an unwrapper in 2003. At the Blackhat Security Briefings in the summer of 2006, Pete Finnigan presented a paper on unwrapping code on Oracle 8 and 9. The wrapping methods are completely different between 9i and 10g, as you shall see.
5.3.1. Wrapping and Unwrapping on 10g
In 10g the clear-text PL/SQL is encrypted in the following way. The text is first compressed using the Lempel-Ziv algorithm, and a SHA1 hash is generated from the compressed data. This hash is then copied to a buffer and the compressed data concatenated to the end. Then the value of each byte in the buffer is used as an index into a character substitution table. ...
Get The Oracle® Hacker's Handbook: Hacking and Defending Oracle now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
