Blackhat 2010 Presentation “Oracle, Interrupted: Stealing Sessions and Credentials” online
Dieser Eintrag stammt von Alexander Kornbrust Am 18 Apr 2010 @ 15:44 In Tools, Exploit, Oracle Security | Kommentarfunktion deaktiviert
The Blackhat Europe 2010 “Oracle, Interrupted: Stealing Sessions and Credentials” ([1] presentation, [2] whitepaper) of Steve Ocepek and Wendel G. Henrique are online. An interview with Steve about the talk can be found [3] here.
As mentioned in a [4] previous blog post this talk shows how to intercept unencrypted (=default) TNS connections and inject statements into a running session. Steve and Wendel will soon release 2 tools Vamp and thicknet.
I will try to present these tools at the [5] DOAG Expertenseminar in Berlin.
[6] 
A [7] good summary of the talk can be found at Peter Van Eeckhoutten’s blog.
Dieser Artikel wurde ausgedruckt ab Alexander Kornbrust Oracle Security Blog: http://blog.red-database-security.com
URL zum Artikel: http://blog.red-database-security.com/2010/04/18/blackhat-2010-presentation-oracle-interrupted-stealing-sessions-and-credentials-online/
URLs in this post:
[1] presentation: http://blog.red-database-security.comhttps://media.blackhat.com/bh-eu-10/present
ations/Henrique_Ocepek/BlackHat-EU-2010-Henrique-Ocepek-Oracle-Interrupted-slides.pdf
[2] whitepaper: http://blog.red-database-security.comhttps://media.blackhat.com/bh-eu-10/whitepa
pers/Henrique_Ocepek/BlackHat-EU-2010-Henrique-Ocepek-Oracle-Interrupted-wp.pdf
[3] here: http://netsecpodcast.com/?p=264
[4] previous blog post: http://blog.red-database-security.com/2010/04/12/man-in-the-middle-attacks-at-up
coming-black-hat-europe/
[5] DOAG Expertenseminar: http://www.red-database-security.com/doag_expertenseminar.html
[6] Image: http://www.red-database-security.com/doag_expertenseminar.html
[7] good summary: http://www.corelan.be:8800/index.php/2010/04/16/blackhat-europe-2010-barcelona-d
ay-10/
Klicken hier zum Drucken.