Dailydave
mailing list archives
Oracle 0day for Free!
From: Dave Aitel <dave () immunityinc com>
Date: Mon, 03 Jul 2006 12:59:39 -0400
(or well, 60% off anyways :> )
So I wanted to note that Immunity and Argeniss have teamed up to offer
the public a new class that many may be interested in. This class will
be taught October 16th and 17th here in Miami Beach. Likewise, on July
24-27 Nicolas Waisman of Immunity is giving our Heap Overflow class,
which is a unique chance for many of you who are already fairly skilled
at stack overflows to take advantage of his rather amazing skills. You
can find out more about both classes here:
http://www.immunityinc.com/education-currentschedule.shtml .
*Hacking and Defending Oracle Databases*
Basically this course will teach you the latest techniques to hack and
protect Oracle Database servers.
*Students will get a bonus for a 60% discount on Argeniss Ultimate 0day
Exploits Pack (http://www.argeniss.com/products.html)
LEVEL:
* High
PREREQUISITE:
* Pretty basic knowledge of Oracle database administration and PL/SQL
language.
* Students should have their computer with Oracle Database installed.
Some of the examples will require Oracle 10gR1 without patches on
Windows 2000 or Linux.
WHO SHOULD ATTEND THIS COURSE:
* Oracle Database Server Administrators.
* Developers using Oracle Databases that want to create secure applications.
* Auditors and penetration testers.
* Managers in charge of Information Security.
* You.
TOPICS:
1) Hacking and protecting the Oracle Listener
* Discovering Oracle Listeners
* Attacking Oracle Listeners
* Vulnerabilities in the Oracle Listener
* How to secure the Listener
2) Hacking and protecting user passwords
* Default users
* Getting user passwords in clear text
* Cracking user passwords (offline hash attacks and online attacks)
* How to protect user passwords
* Auditing users and passwords
* Using Profiles to ensure passwords are protected
* Using a Secure External Password Store
3) Getting security sensitive information
* Getting listener information
* Getting Oracle configuration
* Enumerating users, linked servers and other objects
* How this information can be used to hack the database
* How to protect
4) Vulnerabilities in the Oracle Database software
* Overview of Oracle database vulnerabilities
* SQL Injection in Oracle
* Exploiting PL/SQL Injection vulnerabilities
* Analyzing a PL/SQL Injection vulnerability
* How to exploit a PL/SQL buffer overflow vulnerability
* How to protect
5) SQL Injection
* Different kinds of SQL injection vulnerabilities
* Autonomous transactions
* Exploiting SQL injection vulnerabilities using different techniques
* How to view wrapped PL/SQL for SQL Injection vulnerabilities
* Advanced SQL Injection
* How to protect
6) Oracle Database rootkits & backdoors
* Rootkit & backdoor installation
* Implementing a rootkit & backdoor
* Detecting a rootkit & backdoor
7) Data theft attacks
* Advanced techniques
* Stealing a complete database
* Stealing data using a rootkit & backdoor
* Detecting attacks with database honeypots
8) IDS/IPS evasion techniques
* Database exploits encoding techniques
9) Data encryption
* Overview of database encryption
* Ways to implement data encryption
10) Auditing Oracle
* What can be audited in Oracle databases
* How to enable auditing
* Fine Grained auditing
* Auditing Administrative users
* Alert logs and trace files
* Analyzing audit trails
* Auditing using the redo log files (LogMiner)
* What should be audited
11) Secure configuration checklist
* Differences between existing checklists
* Review of a recommended security checklist
12) Security Patches
* Overview of Oracle Patches
* Problems with patches
* Detecting and solving problems
Trainer: Esteban Martínez Fayó
Esteban is a security researcher/consultant; he has discovered and
helped to fix multiple security vulnerabilities in major vendor software
products. He specializes in application security, he is recognized as
the discoverer of most of the vulnerabilities in Oracle server software
and he has also developed and researched novel Oracle attack techniques.
Esteban currently works for Argeniss doing information security research
and developing security-related software solutions for Application
Security Inc.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave