Oracle DB SQL Injection In MDSYS.SDO_TOPO_DROP_FTBL Trigger

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection in MDSYS.SDOTOPODROPFTBL Trigger', 'Description' = %q This module will escalate an Oracle DB user to MDSYS by exploiting ...

Oracle DB SQL Injection in MDSYS.SDO_TOPO_DROP_FTBL Trigger

This module will escalate an Oracle DB user to MDSYS by exploiting a sql injection bug in the MDSYS.SDOTOPODROPFTBL trigger. After that exploit escalate user to DBA using "CREATE ANY TRIGGER" privilege given to MDSYS user by creating evil trigger in system scheme 2-stage attack. This module...