Infos

Sie befinden sich aktuell in den Alexander Kornbrust Oracle Security Blog Blog-Archiven für den folgenden Tag 20 Aug 2008.

Calendar

August 2008
M	D	M	D	F	S	S
« Jul		Okt »
	1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

Kategorien

11g (11)
Allgemein (29)
David Litchfield (7)
Exploit (21)
Forensics (5)
Oracle Security (96)
passwords (8)
Repscan (1)
Security (21)
Sentrigo (5)
software (9)
source code audit (5)
SQL Injection (24)
Tools (24)
Trainings (2)
Tutorial (2)

Letzte Einträge

Links

Oracle Security
- RDS-blog (german)
- Repscan
SQL Injection
- RDS Oracle Exploits
- SQL Injection Cheat Sheet

Archive für 20 Aug 2008

New Oracle bugs and BSQL Hacker

20 Aug 2008 von Alexander Kornbrust.

Today I reported 6 new security vulnerabilities to Oracle (2 Data Vault, 2 Auditing, 1 Discoverer, 1 Password Verification Function). Even if Oracle Security is getting better (see also discussion on Pete’s Blog) there are still enough bugs available.

Portcullis Labs released their free scanner BSQL Hacker for detecting blind sql injection. BSQL Hacker is supporting Oracle, MSSQL and MySQL. At the moment I have no time to play longer with this tool but it looks promising (see video).

Geschrieben in Tools, Oracle Security | Drucken | 1 Kommentar »

Oracle Security

SQL Injection

Archive für 20 Aug 2008

New Oracle bugs and BSQL Hacker