Services Vulnerabilities Exploits Publications News Blog About DSecRG

Whitepaper "Different ways to guess Oracle database SID"

Whitepaper This whitepaper is a result of our research in Oracle security and guessing Oracle database SID. In this document I collected all well-known public information about SID guessing and added new techniques which had been succerfully tested during our security audits.

Author: Alexandr Polyakov

Nowadays there is a lot of public information about Oracle security and different vulnerabilities that hacker can use to get access to the database. Many of these steps are good explained in public resources and in my paper "Oracle database security". Default user accounts are a big known problem, there are many information about it. As for vulnerabilities, there are only 10 percent of DBA’s regularly installing Critical Patch Updates. Access to OS files and shell can be obtained using many different techniques such as Extproc, Java, DBMS_JOB, UTL_FILE, DBMS_LOB and others. As for rootkits and cleaning-audit data, in this field hackers are one step behind DBA’s. In this information about Oracle security there is one part that is not very good explained as the others. I'm talking about getting Oracle SID. Without knowing Oracle database, SID attacker cannot get access to the database even if he knows username and password. With Oracle 10g getting database SID is not so trivial as before. That’s why I've decided to research this area and write this document as a result of my researching. In this whitepaper I've collected all the ways to get the database SID and add some new techniques.

Different_ways_to_guess_Oracle_database_SID_(eng).pdf, 1118 KB

Publications RSS RSS
Presentation "Light and Dark side of Code Instrumentation" from CONFidence Krakow 2012

Whitepaper "Python arsenal for Reverse Engineering" version 1.1

Whitepaper "Architecture and program vulnerabilities in SAP’s J2EE engine" from BlackHat USA 2011

Whitepaper "Python arsenal for Reverse Engineering" version 1.0

Publications list

© 2002—2014, ERPScan
For quoting or using materials from this site
link is obligatory

+44 (20) 81334493    e-mail:
Rss: Vulnerabilities, Exploits, News, Publications, Summary