Two papers on Oracle 11g Security
Hey all,
Since there seems to be a fair bit of disinformation, and utter nonsense,
floating around since my talk at the Black Hat Federal security conference
the other day, I have decided to publish the following papers.
http://www.databasesecurity.com/HackingAurora.pdf
http://www.databasesecurity.com/ExploitingPLSQLinOracle11g.pdf
Whilst the papers were written on the 14th and 21st of October respectively,
Oracle were informed on these issues discussed in these papers on the 11th
and 13th of October 2009.
The slides from the talk can be found here:
http://www.databasesecurity.com/bh-DC2010.pdf
Cheers,
David Litchfield
Ïà¹ØÎĵµ£º
ÓÃÃüÁîÐÐ(CMD)ÖÐÆô¶¯ºÍ¹Ø±ÕORACLE·þÎñ
¼àÌýÆô¶¯
lsnrctl start
¼àÌýÍ£Ö¹
lsnrctl stop
Æô¶¯Oracle
net start oracleservicesid
Í£Ö¹Oracle
net stop oracleservicesid
netÃüÁîÊÇwinϵͳÃüÁÆäËüµÄ·þÎñÆô¶¯ºÍÉÏÃæµÄÀàËÆ£¡
......
OracleÌṩµÄÐòºÅº¯Êý:
ÒÔemp±íΪÀý:
1: rownum ×î¼òµ¥µÄÐòºÅ µ«ÊÇÔÚorder by֮ǰ¾ÍÈ·¶¨Öµ.
select rownum,t.* from emp t order by ename
ÐÐÊý
ROWNUM
EMPNO
ENAME
JOB
MGR
HIREDATE
SAL
COMM
DEPTNO
1
11
7876
ADAMS
CLERK
7788
1987-5-23
1100
¡¡
20
2
2
7499
ALLEN
SALESMAN
7698
......
¹¦ÄÜ£ºOracleÊý¾Ýµ¼Èëµ¼³öimp/exp¾ÍÏ൱ÓëoracleÊý¾Ý»¹ÔÓ뱸·Ý¡£´ó¶àÇé¿ö¶¼¿ÉÒÔÓÃOracleÊý¾Ýµ¼Èëµ¼³öÍê³ÉÊý¾ÝµÄ±¸·ÝºÍ»¹Ô£¨²»»áÔì³ÉÊý¾ÝµÄ¶ªÊ§£©¡£
¡¡¡¡OracleÓиöºÃ´¦£¬ËäÈ»ÄãµÄµçÄÔ²»ÊÇ·þÎñÆ÷£¬µ«ÊÇÄã×°ÁËoracle¿Í»§¶Ë£¬²¢½¨Á¢ÁËÁ¬½Ó £¨Í¨¹ýnet8 assistantÖб¾µØ——>·þÎñÃüÃû Ìí¼ÓÕýÈ·µÄ·þÎñÃüÃû
¡¡¡¡Æ ......
http://tech.163.com/05/0701/10/1NIODMQS00091589.html
ÒòΪÔÚPL/SQL Öв¢Ã»ÓÐÊý×é.
ÕâÊÇż²é×ÊÁÏÕҵķ¶ÀýºÍ×Ô¼ºÐ´µÄ·¶ÀýÀ´½âÊÍÈçºÎÔÚPL/SQL ÖÐʹÓÃÊý×é. Ò²ÐíºÜ¶àÈËÒÑÖªµÀ, ²»¹ý¾ÍÊÇÈò»ÖªµÀµÄÅóÓÑÃÇÁ˽âһϰɡ£
----------------------
µ¥Î¬Êý×é
------------------------
DECLARE
TYPE
emp_ssn_array IS TA ......
Create directoryÈÃÎÒÃÇ¿ÉÒÔÔÚOracleÊý¾Ý¿âÖÐÁé»îµÄ¶ÔÎļþ½øÐжÁд²Ù×÷£¬¼«´óµÄÌá¸ßÁËOracleµÄÒ×ÓÃÐԺͿÉÀ©Õ¹ÐÔ¡£
ÆäÓ﷨Ϊ:
CREATE [OR REPLACE] DIRECTORY directory AS 'pathname';
±¾°¸Àý¾ßÌå´´½¨ÈçÏÂ:
create or replace directory exp_dir as '/tmp';
Ŀ¼´´½¨ÒԺ󣬾ͿÉÒ԰ѶÁдȨÏÞÊÚÓèÌض¨Óû§ ......
