How to find APPS and SYSADMIN Password in R12 when it is not known How to find APPS password?

Scenario: You are given an Oracle Application R12 instance of which details are not provided. The only details you have are the OS passwords of Application and Database tier. Following are the things which you require to know of the Oracle Application R12 instance 1. SYSTEM password (Oracle Database) 2. APPS Password (Oracle Database) 3. SYSADMIN Password Solution: 1. SYSTEM password (Oracle Database) This can be changed using ALTER USER 2. APPS Password (Oracle Database) This cant be change because it can be used in other applications database as database link. Hence we need to find out the current APPS password 3. SYSADMIN Password Once SYSTEM and APPS password are known this can be changed using FNDCPASS Find out APPS password 1. Login to Application tier node as application OS owner 2. Change directory to cd $FND_TOP/patch/115/sql 3. Copy the package AFSCJAVS.pls in a temporary directory 4. Edit the copied package AFSCJAVS.pls and add the following lines in it:
/*--------------------------------------------------------------*/ function decrypt(key in varchar2, value in varchar2) return varchar2; /*--------------------------------------------------------------*/

5. Login to the Application Oracle Database as SYSTEM user 6. Set current schema to APPS alter session set current_schema=apps; 7. Compile the package AFSCJAVS.pls

8. Execute the following query and find out if the package is valid or not.
col OBJECT_NAME for a30; set line 200; select object_name,object_type,status,owner from dba_objects where object_name='FND_WEB_SEC'; SQL> show user USER is "SYSTEM" SQL> col OBJECT_NAME for a30; set line 200; select object_name,object_type,status,owner from dba_objects where object_name='FND_WEB_SEC'; SQL> SQL> OBJECT_NAME OBJECT_TYPE STATUS OWNER ------------------------------ ------------------- ------- -----------------------------FND_WEB_SEC CONTEXT VALID SYS FND_WEB_SEC PACKAGE VALID SYSTEM FND_WEB_SEC PACKAGE VALID APPS FND_WEB_SEC PACKAGE BODY VALID APPS

9. If the package is not valid then compile it to make it valid alter PACKAGE apps.FND_WEB_SEC compile body;

10. Login to the Application Oracle Database as SYSTEM user 11. Set current schema to APPS alter session set current_schema=apps; 12. Run the following SQL to know the APPS password
SELECT( SELECT fnd_web_sec.decrypt('GUEST/ORACLE',encrypted_foundation_password) FROM dual )AS APPS_PASSWORD FROM apps.fnd_user WHERE user_name like 'GUEST' ; SQL> SELECT( SELECT fnd_web_sec.decrypt('GUEST/ORACLE',encrypted_foundation_password)

FROM dual )AS APPS_PASSWORD FROM apps.fnd_user WHERE user_name like 'GUEST' 2 3 4 5 6 7 8 9 10 ; APPS_PASSWORD -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------AICDIL123 SQL>

AICDIL123 is your APPS password

13. Since now you have the APPS password you can change the SYSADMIN password using FNDCPASS utility 14. Replace the FND_WEB_SEC package body by executing the script $FND_TOP/patch/115/sql/ AFSCJAVS.pls which will replace the modified code with the original code.

How to find SYSADMIN password?

If you know APPS and SYSTEM password of Oracle Application database, then you can easily change the SYSADMIN password using the FNDCPASS utility. However, this will overwrite or change the existing SYSADMIN password. This probably may not be an acceptable solution since there might be other users (not known to you) who might be using it. So best option is to find out the SYSADMIN password. The steps to find out SYSADMIN password is as follows: 1. Create package specification
CREATE OR REPLACE PACKAGE get_pwd AS FUNCTION decrypt (KEY IN VARCHAR2, VALUE IN VARCHAR2) RETURN VARCHAR2; END get_pwd; /

2. Create package body

CREATE OR REPLACE PACKAGE BODY get_pwd AS FUNCTION decrypt (KEY IN VARCHAR2, VALUE IN VARCHAR2) RETURN VARCHAR2 AS LANGUAGE JAVA NAME 'oracle.apps.fnd.security.WebSessionManagerProc.decrypt(java.lang.String,java.lang.String) return java.lang.String'; END get_pwd; /

3. Execute query based on the package

SELECT usr.user_name, get_pwd.decrypt

((SELECT (SELECT get_pwd.decrypt (fnd_web_sec.get_guest_username_pwd, usertable.encrypted_foundation_password ) FROM DUAL) AS apps_password FROM fnd_user usertable WHERE usertable.user_name = (SELECT SUBSTR (fnd_web_sec.get_guest_username_pwd, 1, INSTR (fnd_web_sec.get_guest_username_pwd, '/' ) -1 ) FROM DUAL)), usr.encrypted_user_password ) PASSWORD FROM fnd_user usr WHERE usr.user_name = '&USER_NAME';

4. Drop the package This is to make sure that no unauthorized uses happens