Call (800) 766-1884 for Oracle support & training
Free Oracle Tips

Oracle Consulting Support
Oracle Upgrades
Use New Oracle Features
Oracle Replication Support
Oracle Training
Remote Oracle DBA
System Documentation
Oracle Tips
Oracle Performance
 

Free Oracle Tips


 
HTML Text

BC Oracle tuning

Oracle training

Oracle support

Remote Oracle

Redneck
 

Donald K. Burleson

Oracle Utilities Tips

 

PL/SQL Wrap Utility for Encryption

 

SQL> select text from user_source where name = 'GIVE_RAISE';

TEXT
------------------------------------------------------------
procedure give_raise
(emp_id in employee.id%type,
emp_rating in NUMBER )
IS
BEGIN
-- raises are only given to those that scored a 5
-- in their rating
if emp_rating = 5 then
update employee
set salary = salary + (salary * .15)
where id = emp_id;
end if;
END ;

13 rows selected.

Any user that has been granted the DBA privilege can see the contents of the procedure (dba_source), including in this case, the company formula for raises. To prevent this, the stored procedure needs to be wrapped and replaced in the database.

C:\oracle9i\bin>wrap iname=giveraise.sql oname=give_raise_encrypted.sql

PL/SQL Wrapper: Release 9.2.0.1.0- Production on Sun Dec 08 14:28:41 2002

Copyright (c) Oracle Corporation 1993, 2001. All Rights Reserved.

Processing giveraise.sql to give_raise_encrypted.sql

Once wrapped, the procedure can be resubmitted to the database:

SQL> @c:\oracle9i\bin\give_raise_encrypted.sql

Procedure Created.

Now, another query against user_source shows the newly wrapped code:


SQL> select text from user_source where name = 'GIVE_RAISE';

TEXT
----------------------------------------------------------
procedure give_raise wrapped
0
abcd
abcd
abcd
abcd
abcd
abcd
abcd
abcd
abcd
0 9a 8f :2 a0 6b :2 a0 f b0
3d 8f a0 b0 3d b4 55 6a
a0 7e 51 b4 2e :3 a0 7e 51
b4 2e e7 :2 a0 7e b4 2e ef
f9 e9 b7 19 3c b7 a4 b1
11 68 4f 1d 17 b5
...

Notice the output of the query above appears like garbage, or at least not readable code. Nothing except Oracle.exe can now read the logic for generating raises.
 

The above is an excerpt from Oracle Utilities - Using Hidden Programs, Import/Export, SQL Loader, oradebug, Dbverify, Tkprof and More by Rampant TechPress (Dave Moore).

It’s only $19.95 and you can order the book and get instant access to the online Oracle utilities scripts:

 http://www.rampant-books.com/book_2003_1_utils.htm


 

http://rampant-books.com/book_2003_2_audit.htm

  ”call

Download your Oracle scripts now:

www.oracle-script.com

The definitive Oracle Script collection for every Oracle professional DBA






Oracle reference poster 




Rampant Oracle books     

   

Copyright © 1996 -  2009 by Burleson Enterprises, Inc. All rights reserved.

Oracle® is the registered trademark of Oracle Corporation.