I recently installed Oracle on a Windows 7 computer to test some tools that are available in Backtrack. I am very new to Oracle so it has been a bit of a learning process including the fact that I had no idea you can install Oracle without having to pay any money to download it so I also plan on writing an article on how to do this. Anyhow after the initial Oracle install we were testing oscanner from Backtrack and locked all of the Oracle accounts which was a bummer because I wasn’t sure there was a way to correct the issue. Turns out it is really easy to unlock the Oracle accounts if you have access to the Oracle server so below I describe how to unlock Oracle accounts when it appears they have all been locked.
Login To Oracle When All Oracle Accounts Are Locked:
- Launch To Oracle Enterprise Manager: Open the Oracle Enterprise Manager via your favorite browser by visiting https://localhost:1158/em which will bring you to the Oracle Enterprise Manager login screen as shown in the below example image.
Type the sys or system user and password as shown in the image above. If you attempt to login with the system account with Connect As set to Normal it will fail. The trick is to change the “Connect As” drop down to SYSDBA. Once logged in the default Oracle Enterprise Manager will look similar to the below example image.
- Oracle Enterprise Manager Server: Click the Server tab to display the Oracle Enterprise Manager server management screen as shown in the below example image.
- Oracle Enterprise Manager Users: Now underneath the Security section click on the Users link to open the Oracle Enterprise Manager users configuration page as shown in the below example image.
- Modify Oracle SYSTEM User: Scroll to the bottom of the Users list and select the drop down to go to the next set of users which should include the SYSTEM user as shown in the below image.
Now highlight the radio button next to SYSTEM and click the EDIT button at the bottom of the radio button column which will open the modify SYSTEM user window as shown below.
- Unlock Oracle SYSTEM User: Near the bottom of the editable options next to Status select the radio button next to Unlock and then click the Apply button in the bottom right corner. If the new unlocked status saves properly the message “User SYSTEM has been modified successfully” as shown in the below example image.
Notice how Status is now set to Unlocked.
- Test Oracle SYSTEM Account: Lets make sure the Oracle SYSTEM user has been unlocked by using a Oracle GUI client called Navicat Lite which can be downloaded for free here. Once installed launch Navicat Lite as shown in the below example image.
I already had the localhost connection configured so you will need to select File from the top navigation, highlight Add New Connection, and select Oracle from the fly out menu. This will open a window similar to the below where you should fill in the details of the Oracle connection.
If you have not added any databases to Oracle you can connect to the ORCL Service Name/SID. Type in localhost Hostname/IP Address, system for User Name, and the password that you have set for SYSTEM. Next click the Test Connection button to make sure the connection is working properly. If the Navicat Lite client is able to connect to the database without issue you will see the below message appear.
Click OK and then save the new connection to Oracle. Once saved you can click on localhost in the left tree and the connection should be made to Oracle on your Windows 7 computer. Expand the tree menu next to localhost and then expand the tree next to Schemas as shown in the below example image.
So even if you are a newbie to Oracle such as myself and in your initial attempt to test Oracle brute forcing tools you end up locking all of the accounts you can still unlock the necessary Oracle accounts on Windows 7 with ease!