The following url contains a cheat sheet for Oracle SQL Injection. Not complete, some statements are a little bit complicated (e.g. SELECT table_name FROM all_tables WHERE TABLESPACE_NAME=’USERS‘ or SELECT username, FROM all_users UNION SELECT name, password FROM sys.user$, better: SELECT name, password FROM sys.user$ where type#=1).
Archive for Oktober 2nd, 2007
ORACLE SQL Injection Cheat Sheet
Dienstag, Oktober 2nd, 2007THC released the password cracker „OrakelCrackert“ for Oracle 11g
Dienstag, Oktober 2nd, 2007Van Hauser from THC told me today that vonjeek/THC from released a password cracker for Oracle 11g on the THC website called OrakelCrackert. OrakelCrackert checks approx. 400.000 passwords/second on my 2 GHz Core2Duo and has a similar speed as checkpwd 2.0 (which will be released next week).
In this blog entry I mentioned that OrakelCrackert comes with the dictionary file from checkpwd. This is not true and I really apologize for this wrong accusation. In the case of OrakelCrackert I was looking for my lastname which is really unusual (not part of a normal dictionary)
But the other sidguessing tools (sidguesser, ora-getsid, coss) took my list of Oracle SIDs. „Taking“ such collections without giving credentials is not unusual. The tools for guessing SIDs (e.g. . sidguesser from Cqure or ora-getsid from NGS Software) for example are taking the SID list I composed via Google Hacking, manual editing, …. without mentioning my work.
As a consequence of this wrong accusation of vonJeek I recreated the dictionary file for checkpwd 2.0 and I will document where I took the passwords from. This will become another blog entry.
Bugfix for Sidguess for Windows / MacOSX
Dienstag, Oktober 2nd, 2007Yesterday I uploaded an updated version of sidguess for Windows and MacOSX. In this version (1.0.2) the brute force mode for guesssing SIDs is now working properly.
