16 Apr 2009 von Alexander Kornbrust.

I just uploaded 3 new Oracle security videos:

• Scan an Oracle database with Repscan 2.5 via GUI
• Scan an Oracle database with Repscan 2.5 via CLI
• Check Oracle passwords with Checkpwd 3.0 (with password plugins)
  

Trial version of Repscan available on the Sentrigo website.

Geschrieben in Tutorial, Sentrigo, software, Security | Drucken | Keine Kommentare »

4 Mrz 2009 von Alexander Kornbrust.

Today I uploaded a new video “Web Application Testing with Matrixay 2.5” (1024×768). In this video I am using Matrixay to extract the structure of a database (tables, columns, …) via a SQL Injection vulnerability in one of my vulnerable test applications (Oracle 11.1.0.7 & PHP). After that I am downloading the content of the table.

Matrixay is a really good and easy to use commercial web scanner from DBAppSecurity Ltd.

Matrixay supports all kind of databases (Oracle, MSSQL, MySQL, DB2, …) and can even do simple database audit (e.g. check for weak Oracle passwords, …).

More videos can be found in our video section. I will add more in the next few weeks.

Geschrieben in Tools, software | Drucken | Keine Kommentare »

20 Okt 2007 von Alexander Kornbrust.

Joxean Koret released version 0.05 of his free penetration toolkit called Inguma. This tool is also implementing an exploit for one of the bugs (LT.FINDRICSET) fixed in the October 2007 CPU.

The name Inguma is coming from the basque god of dreams who kills people while sleeping and, also, the one who make the nightmares.

Inguma, written in Phython, supports different systems (e.g. Oracle, SQL Server, SSH, Firewalls). The following features are Oracle specific:

* Added one exploit for the vulnerability in SYS.LT.FINDRICSET (Oracle CPU Oct. 2007).
* Added module “bruteora” to brute force Oracle servers. It will check
for every (commonly) possible user or for an specified user.
* Added a tool to crack MD5 hashes using freely available rainbow tables.
* Added module “sidguess” to guess the SID of an Oracle Database instance.
* Added a password cracker for Oracle11g.
* Enhanced the Oracle PL/SQL Fuzzer. Now, if you redirect the output
only the vulnerabilities found are logged, all the rest of the output
are written to stderr.

Here a screenshot from the tool on my Backtrack 2 system:

Well done Joxean.

Geschrieben in software, Oracle Security, Allgemein | Drucken | Keine Kommentare »

14 Okt 2007 von Alexander Kornbrust.

From time to time I’m doing research on Russian websites (with Google Translate) because you can find interesting information and tools. Last week I found a small program Oracle scanner called goss a GUI Oracle Scanner.

This tools contains features like getting the SID (similar to sidguess), password guessing, retrieve password hashes from the database, …

The output is displayed in a new window.

Some of the features in this tool where not working properly against my test databases.

Geschrieben in software, Security, Oracle Security, Allgemein | Drucken | Keine Kommentare »