14 matches found
Oracle DB SQL Injection Via SYS.LT.FINDRICSET Evil Cursor Method
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.FINDRICSET Evil Cursor Method', 'Description' = %q This module will escalate an Oracle DB user to DBA by...
Hotfix Rollup Pack 1 for XenApp 5 2008 - Features and Enhancements List
This article describes Hotfix Rollup Pack 1 for Citrix XenApp 5 for Microsoft Windows Server 2008. Hotfix Rollup Pack 1 is cumulative - it can be installed on top of the XenApp 5 for Windows Server 2008 base product, on top of the first Feature Pack, Feature Pack 2, or Feature Pack 3. HRP01...
Oracle Auditing Part 1: Standard Auditing
This is the first of three articles on the topic of Oracle auditing. It is relevant to Oracle 10g, 11g, and 12c, although Unified Auditing in 12c makes some of this content irrelevant if you choose to use Pure Unified Auditing. Unified Auditing will be covered in the third part of this series...
U.S. Dept Of Defense: SQL Injection - https://███/█████████/MSI.portal
Summary: https://███████/███████/MSI.portal has a form page which is vulnerable to SQL injection. Description: URL: https://████/██████/MSI.portal?nfpb=true&pageLabel=msiportalpage61query The above url has a form where the field MSIqueryType is vulnerable to time based blind SQL injection. I...
Oracle GoldenGate 12.1.2.0.0 - Unauthenticated Remote Code Execution Exploit
Exploit for multiple platform in category remote exploits !/usr/bin/env python Sources: https://silentsignal.hu/docs/S2OracleGoldenGateGOLDENSHOWER.py https://blog.silentsignal.eu/2017/05/08/fools-of-golden-gate/ GOLDENSHOWER - Oracle GoldenGate unauthenticated RCE by Silent Signal Tested with:...
Oracle GoldenGate 12.1.2.0.0 - Remote Code Execution
!/usr/bin/env python Sources: https://silentsignal.hu/docs/S2OracleGoldenGateGOLDENSHOWER.py https://blog.silentsignal.eu/2017/05/08/fools-of-golden-gate/ GOLDENSHOWER - Oracle GoldenGate unauthenticated RCE by Silent Signal Tested with: Version 12.1.2.0.0 17185003...
Oracle 10/11g exp.exe - param file Local Buffer Overflow PoC Exploit
No description provided by source. !/usr/bin/python Oracle 10/11g exp.exe - param file Local Buffer Overflow PoC Exploit Date found approx: 9/3/2010 Software Link: http://www.oracle.com/technology/products/database/oracle10g/index.html Version: 10.x and 11g r1 r2 untested Tested on: Windows XP SP...
RedoWalker - Tool to explore Oracle database transaction logs
RedoWalker is a tool to explore Oracle database transaction logs, otherwise known as redo logs. Any time changes are made to the database server, for example after an INSERT, DELETE or UPDATE, they are recorded in the redo log. These redo logs are stored in a proprietary and undocumented format...
Oracle 1011g - exp.exe?file Local Buffer Overflow
Oracle 1011g - exp.exe?file Local Buffer Overflow !/usr/bin/python Oracle 10/11g exp.exe - param file Local Buffer Overflow PoC Exploit Date found approx: 9/3/2010 Software Link: http://www.oracle.com/technology/products/database/oracle10g/index.html Version: 10.x and 11g r1 r2 untested Tested on...
oracle-enum-users NSE Script
Attempts to enumerate valid Oracle user names against unpatched Oracle 11g servers (this bug was fixed in Oracle's October 2009 Critical Patch Update). Script Arguments: oracle-enum-users.sid: the instance against which to attempt user enumeration. tns.sid: See the documentation for the tns library...
Oracle 11g (11.1.0.6) Password Policy and Compliance
Many security standards require the tracking of users' password history to prevent password re-use. In Oracle 11g 11.1.0.6, if a security administrator has enabled 11g passwords exclusively then tracking password history is broken. This can affect compliance. This was addressed by Oracle in their...
Oracle 11g Password Sniffing and Cracking-vulnerability warning-the black bar safety net
It's now possible for us to sniff Oracle 11g passwords and crack them at the same time. If the old version of Cain & Abel doesn't support Oracle 11g, just try the newest version, Cain & Abel 4.9.25. It supports Oracle 11g sniffing and password extraction. The thing that makes it...
Oracle 10g/11g - 'SYS.LT.FINDRICSET' SQL Injection (1)
!/usr/bin/perl http://rawlab.mindcreations.com/codes/exp/oracle/sys-lt-findricset.pl Oracle SYS.LT.FINDRICSET exploit 11g/10g Grant or revoke dba permission to unprivileged user Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.5.0" Fixed with CPU Oct. 2007 REF: Thanks to Joxean...
Oracle 10g/11g - 'SYS.LT.FINDRICSET' SQL Injection (2)
!/usr/bin/perl http://rawlab.mindcreations.com/codes/exp/oracle/sys-lt-findricsetV2.pl Oracle SYS.LT.FINDRICSET exploit 11g/10g - Version 2 - New "evil cursor injection" tip! - No "create procedure" privilege needed! - See: http://www.databasesecurity.com/ Cursor Injection Grant or revoke dba...