Calendar
Kategorien
- 11g (8)
- Allgemein (25)
- checkpwd (4)
- CPUApril2009 (2)
- CPUJan2009 (3)
- CPUJul2009 (2)
- CPUOct2009 (3)
- David Litchfield (7)
- Exploit (19)
- Forensics (4)
- Oracle Security (76)
- passwords (7)
- SAP (1)
- Security (16)
- Sentrigo (5)
- software (7)
- source code audit (3)
- SQL Injection (20)
- Tools (18)
- Trainings (2)
- Tutorial (2)
Letzte Einträge
- 5 Feb 2010: Oracle Blackhat video removed from Website
- 4 Feb 2010: Oracle 11g 0day exploit published
- 30 Jan 2010: Selling stolen bank data to the government for 2.5 Million EUR?
- 6 Dez 2009: Dennis Yurichev wrote an article about his FPGA Oracle password cracker
- 29 Nov 2009: IGHASHGPU - Cracking Oracle Passwords with 790 Million Passwords/second
- 25 Nov 2009: How Oracle controls access to security vulnerabilities
- 17 Nov 2009: Metasploit 3.3 is out
- 17 Nov 2009: Security Workshop "Database Activity Monitoring Systems" in London
- 13 Nov 2009: New russian Oracle exploit tool "Oracle Security Tools" (updated)
- 8 Nov 2009: Oracle Database Vault is now certified with SAP
Links
Oracle Security
Other Blogs
SQL Injection
Trainings
Archive
- Februar 2010
- Januar 2010
- Dezember 2009
- November 2009
- Oktober 2009
- September 2009
- August 2009
- Juli 2009
- Mai 2009
- April 2009
- März 2009
- Februar 2009
- Januar 2009
- Dezember 2008
- November 2008
- Oktober 2008
- August 2008
- Juli 2008
- Mai 2008
- April 2008
- März 2008
- Februar 2008
- Januar 2008
- Dezember 2007
- November 2007
- Oktober 2007
- September 2007
- August 2007
- Juli 2007
- Juni 2007
- Mai 2007
« Security Workshop “Database Activity Monitoring Systems” in London | How Oracle controls access to security vulnerabilities »
Metasploit 3.3 is out
Metasploit 3.3, the leading exploit framework is out. Here an extract from the Metasploit blog:
“Oracle exploit support has been implemented through a tag-team effort between MC and Chris Gates, with assistance from Alexander Kornbrust. Oracle modules have been developed for exploiting TNS protocol stack and Web-based Oracle services, as well as post-authentication database-level privilege escalation flaws. ”
Version 3.3. (release notes) is the largest known ruby application (375,000 lines of code) and comes with some new Oracle features
- Support for the Oracle InstantClient Ruby driver as an exploit mixin
- Extensive support for exploitation and post-exploitation tasks against Oracle databases
Have fun using Metasploit.