8 Apr 2010 von Alexander Kornbrust.

Today I want to present the Netsparker Community Edition.

Netsparker (from Mavituna Security) is the best web application scanner I know. Easy to use and a really good web application scanning results.  It saved me a lot of time and helped me to find security bugs in Oracle applications (Enterprise Manager).

The best thing: The new community edition is free (OK, with some limitations).

The commercial versions have even more interesting features like Time Based Blind SQL Injection, Remote Code Injection, OS Level Command Injection , CRLF / HTTP Header Injection / Response Splitting, …. The entire feature (and price) list is available here.

Here is a screenshot from Netsparker:

If you are interested just download the community edition.

Geschrieben in software, Security, Allgemein | Drucken | Keine Kommentare »

24 Mrz 2010 von Alexander Kornbrust.

Today Laszlo sent me an email that he published the English version of his Hacktivity 2009 talk “Oracle authentication” on his webpage. Laszlo was so nice to give me an English private session last year at the Hacktivity in Budapest.

His presentation contains the following topics:

• Introduction
• Oracle native authentication (database)
• Downgrade (Flash Demo)
• Windows authentication
• Module for Squirtle (Flash Demo)
• pytnsproxy  (Flash Demo)

I like the part where Laszlo shows how to hijack an Oracle session.

This presentation is a must for everyone interested in the Oracle authentication process.

Well done Laszlo.

Geschrieben in Tools, 11g, Oracle Security, Allgemein | Drucken | 1 Kommentar »

23 Feb 2010 von Alexander Kornbrust.

The latest version 3.0 of our database scanner Repscan is now available. This new version supports MS SQL Server and Oracle databases. Repscan comes with a large amount of new features and a complete new GUI (First database scanner with Office-2007 UI).

Here some of the new features of Repscan 3.0:

• Support for MS SQL Server (2000, 2005, 2008)
• Extremely user-friendly database configuration wizard (screenshot)
• Flexible tree control (re-group databases by status, hierarchy, …) (screenshot)
• Database security browser with drill down functionality (PDF, XLS, … export) (screenshot, screenshot)
• New reports (performance, used_features, …)
• Data Discovery (SSN, PII, Creditcard, Passwords, …)
• Database Enumeration (custom, NMap support) (screenshot)
• Pentest Features (Guess SID, Check default username/password combinations, …)
• Exploit & Code Library (screenshot)
• Version and Patch Information
• Skins

Here some (old) features of Repscan:

• Password plugin architecture
• Password plugins for Oracle DES, SHA1, OID, APEX, OVS
• Commandline features
• PL/SQL Source Code Analysis Report

Here some statements of Repscan 3.0 users:

“Repscan Rocks”, “I must have this tool.”, “Very cool stuff”, “really like the clean interface… checks are great”, “…tend to be more Oracle security information hub than just scanner :-)”

Over the next  few weeks I will show here more details of some Repscan 3.0 features.

If you want to test Repscan 3.0 you can download it from our exclusive distributor Sentrigo

Geschrieben in software, Tools, source code audit, Security, Oracle Security, Allgemein | Drucken | Keine Kommentare »

15 Feb 2010 von Alexander Kornbrust.

Mike Smithers, a former colleague, maintains a nice blog called “The Anti-Kyte“. He wrote a really interesting article “Self-Inflicted SQL Injection – don’t quote me !” about SQL Injection in Oracle.

Well written Mike.

Geschrieben in SQL Injection, Oracle Security, Allgemein | Drucken | Keine Kommentare »

5 Feb 2010 von Alexander Kornbrust.

Blackhat removed the video from David Litchfield (containing the 0day exploit code for 11g) from their website. But it’s too late because the 0day code for 11g can be found in the meantime in many places.

The video was downloaded several times and it’s just a question of time until it re-appears…

BTW Oracle 10.2.0.4 with all security patches is vulnerable against this issue too. But the exploit must be modified a little bit.

Geschrieben in 11g, Exploit, David Litchfield, Allgemein | Drucken | 5 Kommentare »