Oracle Cheat Sheet
ADVERTISEMENT
1
2
3
4
5Hacking Oracle
–
-
Version 1.5.0 - 29-Jan-2008
11g R1
8.0
8i
9i R1
10g R2
9i R2
10g R1
Simple file
XMLDB installed and active
TNS-Listener without
ONS installed
OPS$ account
sharing
Modify
Password /
(create a user with
(connect to a DB
Login.sql /
(init.ora:
(onsctl start
the name of OPS$
ADMIN_RESTRICTION
running on Windows
Glogin.sql
dispatchers='(PROTOCOL=TCP)
Port 6200, <=10.1.0.4)
and login without pw)
XP with Simple File
(SERVICE=<ORACLE_SID>XDB)')
Sharing)
Port 2100(FTP), Port 8080 (HTTP)
9.2.0.6 Buffer
No R*services
Insert code like
9.2.0.1 Buffer Overflow
R*services installed
Amap against port
Overflow via long
installed
grant dba to public
via long FTP or HTTP
6200 crashes the ONS
FTP username
or
Net user oracle
Sqlplus /@ip/sid as
Password
service
( create file .rhosts
@http://
rdspw /add
sysdba
( create file glogin.sql
(unpublished, no
unix/mac: tnscmd10g.pl
(published, e.g.via
unix/mac: tnscmd10g.pl
published exploit
windows: tnslogfile.exe )
becomedba.sql
Metasploit-exploit)
windows: tnslogfile.exe )
avaiable)
ADVERTISEMENT
0 votes
Related Articles
Related forms
Related Categories
Parent category: Education