Joxean Koret released version 0.05 of his free penetration toolkit called [1] Inguma. This tool is also implementing an exploit for one of the bugs (LT.FINDRICSET) fixed in the October 2007 CPU.

The name Inguma is coming from the basque [2] god of dreams who kills people while sleeping and, also, the one who make the nightmares.

Inguma, written in Phython, supports different systems (e.g. Oracle, SQL Server, SSH, Firewalls). The following features are Oracle specific:

* Added one exploit for the vulnerability in SYS.LT.FINDRICSET (Oracle CPU Oct. 2007).
* Added module “bruteora” to brute force Oracle servers. It will check
for every (commonly) possible user or for an specified user.
* Added a tool to crack MD5 hashes using freely available rainbow tables.
* Added module “sidguess” to guess the SID of an Oracle Database instance.
* Added a password cracker for Oracle11g.
* Enhanced the Oracle PL/SQL Fuzzer. Now, if you redirect the output
only the vulnerabilities found are logged, all the rest of the output
are written to stderr.

Here a screenshot from the tool on my [3] Backtrack 2 system:

Well done Joxean.