How to identify that a column in oracle is encrypted using DBMS_CRYPTO.HASH or DBMS_OBFUSCATION_TOOLKIT.MD5 or not
Is there any function that i can run across all columns of the oracle database (ALL_TAB_COLUMNS) which will return true if column is encrypted or not?
I think it is very difficult to identify the columns that are encrypted. However, it should be easy to find candidate columns because they usually contain only hex data and are of a fixed length.
There are two common ways to store hex data in Oracle, as a
RAW
or as a string (CHAR
,VARCHAR2
etc.).RAW
is the proper datatype for raw data, as you don't have characterset issues, and it is unambiguos about character case (f6099c0 is the same as F6099C0), and it's half the size. However, in my experience, strings are sadly used more often, mostly because the developer have never heard of aRAW
datatype. In your hunt for hashes, you'll have to look for both, though.Some example data:
You can now filter out the candidate columns by the fact that the highest value in the column is as long as the lowes value. As low/high values are stored as hex strings, you need to double the length (quite confusingly) to 32/64 for MD5, 40/80 for SHA1 etc:
I'd check next whether all values in the table are of a fixed length for those candidates. If the table is large, I'd start with a small sample. For instance for column sha1r:
Next, I'd check for the string versions if they are all hex characters (this is obviously not needed for the raw version):
Now you could use tools like https://code.google.com/archive/p/hash-identifier/, mentioned in this question to check the hash type.
Your example
F6099C0932D0E2B13286219F99C265975B33FD84
results inBTW, please use text instead of images, I had to manually type in your example to try it out, instead of copy and paste, which is a pain.