Penetration Testing
mailing list archives
Re: Re: Open Source Database Auditing
From: toggmeister () vulnerabilityassessment co uk
Date: 11 May 2007 06:42:59 -0000
Hi all,
OAT from Cqure.net was suggested as a tool that may help; the only trouble with testing against 10g with this is that it simply will not work unless you physically supply the SID of the database you are testing against.
I have used this tool for quite a while now and even with manually supplying the SID with the -d option, most times I get a failed response.
Listener Security has been tightened from 10g and this tool, oscanner and getsids from cqure are more predominantly useful for earlier versions of Oracle. (They are highly recommended for 9 - almost certainly gets me a valid username and password every time.)
In addition, the in-built accounts.default file only has about 120 Oracle usernames and passwords as default. I have customised my version of this file to include the 600+ that are currently known, which just needs to replace the in-built one. It is available from:
http://www.vulnerabilityassessment.co.uk/accounts.default
A number of other tools exist which are free to use and specifically work on 10g; links at:
http://www.vulnerabilityassessment.co.uk/oracle.htm
A fuller list of tools including commercial variants can be found at:
http://www.petefinnigan.com/tools.htm
For background and exploit info check out Alex Kornbrust's excellent site:
http://www.red-database-security.com/
In-depth white papers and excellent (albeit expensive) tools can be found at:
http://www.ngssoftware.com/
Hope this helps
Rgds.
Kev
http://www.vulnerabilityassessment.co.uk