Alexander Kornbrust Oracle Security Blog » Print » Really good whitepaper about “Hacking Oracle from the Web”

Really good whitepaper about “Hacking Oracle from the Web”

Dieser Eintrag stammt von Alexander Kornbrust Am 22 Feb 2010 @ 17:09 In Exploit, SQL Injection, Security | Kommentarfunktion deaktiviert

Sumit Siddarth (Sid) has just published a really good whitepaper about “[1] Hacking Oracle from the Web“.This is the most comprehensive published collection of different techniques for attacking Oracle from the web. Sid spent a lot of time composing the different techniques mentioned in various presentations and whitepapers.

Sid describes various techniques like data extraction (inband techniques like union or error messages, out-of-band techniques like heavy queries, blind, …), privilege escalation (sys.kupp$proc, dbms_repcat_rpc and dbms_export_extension) and OS code execution.

Well done Sid.

Dieser Artikel wurde ausgedruckt ab Alexander Kornbrust Oracle Security Blog: http://blog.red-database-security.com

URL zum Artikel: http://blog.red-database-security.com/2010/02/22/really-good-whitepaper-about-hacking-oracle-from-the-web/

URLs in this post:
[1] Hacking Oracle from the Web: http://7safe.com/assets/pdfs/Hacking_Oracle_From_Web_2.pdf

Klicken hier zum Drucken.