Description
- Oracle Transparent Network Substrate (TNS) server allows clients to connect to Oracle databases
- supports IPX/SPX and TCP/IP protocol stacks
- enables encryption
- System Identifier (SID) identifies database instance, identifies instance of database to connect to
Port
- listener listens for connections on TCP port 1521
Interaction / Commands
SID bruteforcing with Nmap
sudo nmap -p1521 -sV IP_Address --open --script oracle-sid-brute
- use Oracle Database Attacking Tool (ODAT) for exploitation
./odat.py all -s IP_Address
- use SQLplus for interacting with Oracle database
sqlplus username/password@IP_Address/XE
select table_name from all_tables;
sqlplus username/password@IP_Address/XE as sysdba
select name, password from sys.user$;
Footprinting
sudo nmap -p1521 -sV IP_Address --open