Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: RE: oracle VA/PT

RE: oracle VA/PT

From: Michael Gargiullo <mgargiullo_at_pvtpt.com>
Date: Fri, 30 Sep 2005 09:26:37 -0400

> Maybe because the default listener port is 1521?

True, but he said it was a default install, and the nessus plugin
usually will find it no matter what port.

There's also App Detective, which looks promising, but $$$.

-----Original Message-----
From: Joshua Wright [mailto:jwright_at_hasborg.com]
Sent: Wednesday, September 28, 2005 7:53 AM
To: Michael Gargiullo
Cc: pen-test_at_securityfocus.com
Subject: Re: oracle VA/PT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Michael Gargiullo wrote:
> I find it strange that nessus didn't even see an open port on 1421.

Maybe because the default listener port is 1521?

> There are a butt-load of Oracle plugins for nessus. More then 7 of
them
> are for remote shells.

For Oracle VA scanning, I've had good experiences with the NGS SQuirreL
product from NGSSoftware (http://www.ngssoftware.com/squirrelsql.htm).

A free trial is available to test it out.

- -Josh
- --
- -Joshua Wright
jwright_at_hasborg.com

2005-2006 pgpkey: http://802.11ninja.net/pgpkey.htm
fingerprint: F00E 7A42 8375 0C55 964F E5A4 4D2F 22F6 3658 A4BF

Today I stumbled across the world's largest hotspot. The SSID is
"linksys".
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)

iD8DBQFDOoQtTS8i9jZYpL8RAjGyAKCRU7bODbC7joNE44vcfZnioYmeqACeItys
dhBfcxIcPC/PH6wmJWKl0Xs=
=wJSI
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on
your
website. Up to 75% of cyber attacks are launched on shopping carts,
forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before
hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
Received on Oct 01 2005

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos