THE ART OF EXPLOITATION
Home Tools News Forum About the project Contact me RU EN

Oracle Security Tools (GUI)


This tool is supposed to solely test the security of DBMS Oracle 8i-9i, 10g. It helps to simulate the infiltration into the DBMS Oracle, with the help of the existent weaknesses. Works without Oracle Client and additional modules.

  • The privileges escalation of the Oracle users;

  • The verification of system accounts concerning the existence of a default password;

  • Account compliance test of login=password

  • The privileges escalation in the OS Windows 2000/XP/2003 (add a local user as root and holder of remote connection powers);

  • The infiltration into the OS and the execution of DOS-commands, holding the administrative rights.

  • Viewing the users' connections to the database and their activity;

  • Analyse the external TNS listener.log;

  • The multiline scanner of ports;

  • Testing for penetration (further development is in process)

Short summary with the screenshots.

Version

1.3 Beta

Size of the archive

951 kB

Operating system

Windows 2000/XP/2003

Update date

January, 8th, 2010

Interface language

English/Russian

Status

Free

Download (project support)

OraSecureTools.7z

Further developments of the new functions and enabling of the new exploits are in progress at the moment.

The exploits from the following sites were used during working out of this utility:

http://www.dsecrg.ru/pages/expl/

http://www.red-database-security.com/exploits/oracle_exploits.html

http://milw0rm.com/

http://www.exploit-db.com/

 

Ad space
  
  
  
Home | Tools | News | Forum | About the project | Contact me
Copyright © 2009-2010, cyber$nake