Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Testing ORACLE application
From: "Rodrigo Montoro (Sp0oKeR)" <spooker () gmail com>
Date: Mon, 7 Jan 2008 16:47:45 -0200

Hacking Oracle with Backtrack
http://www.red-database-security.com/wp/itu2007.pdf

THC has a cracker too
http://freeworld.thc.org/thc-orakelcrackert11g/


http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html has a
lot of oracle test too.


Regards,

Rodrigo Montoro (Sp0oKeR)


On Jan 3, 2008 5:55 PM, Victor Stinner <victor.stinner () haypocalc com> wrote:
Hi,

On Wednesday 02 January 2008 11:01:33 ahgaber_rehan () yahoo com wrote:
I am in process of testing some web based oracle applications, I need to
know what has to be tested and recommended tools I can use.

Simply ( pen testing guide for ORACLE application)

A friend pointed by to Inguma, fuzzer which targets especially Oracle:
   http://inguma.sourceforge.net/

See for example this video:
   http://inguma.sourceforge.net/text/inguma_text.html

We can see commands to: scan port, guess Oracle version, guess SID, bruteforce
password, ...

Victor
http://fusil.hachoir.org/ -- new release (0.7) of the fuzzer today


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------





-- 
=========================
     Rodrigo Ribeiro Montoro
      Analista de Seguran├ža
    SnortCP / RHCE / LPIC-I
 http://spookerlabs.multiply.com
=========================

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]