we are investigating an illegal online gambling site. To find any evidence to support for illegal gambling, we must access the oracle database with administrator privileges. The suspect says that he does not know the administrator password, but we know for sure that he is lying.

The password is estimated to be longer than 8 characters. However, we don't have enough time to apply a brute-force attack. In order to request an arrest warrant, we must find the evidence of illegal gambling before the YUT-Challenge is over.

By using social engineering, we were able to find various data about the suspect. By analyzing the data, the suspect always include last four digits('1024') of his phone number in his password. Hence, we may assume that his phone number is included in the administrator password for the database.

The given file is the dump file of sys.user$ table in oracle database. (The data file of system tablespace is too big to upload.)

Find the password of 'SYSTEM' account.

Down