最近在搞oracle,一些小东西记录一下。
Metasploit是一个很好的攻击工具包,当然我们这次不是介绍这个工具包的,主要是大牛MC写 了很多oracle的工具,在最近会经常用。我主要会用到经典工具tnscmd移植到MSF中的小工具(不如pl的好用,没换行,看结果很 累),sid_brute和login_brute,用的最多的还是暴力破解oracle用户名和密码的login_brute。下面就说下怎么安装和使 用,主要是安装,因为有些需要注意的东西,请注意斜体字。
阅读全文 »
作者:Sh@dow
之前按照国外的方法,虽然能够成功的运行autopwn,但是设置起来灰常麻烦,现在按照自己总结的简单的方法,贴出来详细的设置步骤。
首先我们找到创建数据表的sql文件
Tags: Autopwn, Metasploit, MySQLroot@ubuntu:/pentest/exploits/framework3/data# cd sql
root@ubuntu:/pentest/exploits/framework3/data/sql# ls
mysql.sql postgres.sql sqlite.sql
Posted by CG
Thank MC for this one…
http://metasploit.com/users/mc/oracle9i/brute_login.rb
msf > use auxiliary/admin/oracle/brute_login
msf auxiliary(brute_login) > set RHOST 172.16.102.130
RHOST => 172.16.102.130
msf auxiliary(brute_login) > info
阅读全文 »
Posted by CG
Last post we got to where we could execute SQL queries on the box and were able to see Scott’s permissions.
Let’s use the SQLI auxiliary modules to see if we can add the DBA privilege to Scott’s account.
As you recall….
msf auxiliary(oracle_sql) > run
[*] Sending SQL…
[*] SCOTT,CONNECT,NO,YES,NO
[*] SCOTT,RESOURCE,NO,YES,NO
[*] Done…
[*] Auxiliary module execution completed
阅读全文 »
Posted by CG
Every so often you come across an open 1521 on a pentest.
1521/tcp open oracle
But what to do? There aren’t a ton of what I consider usable Oracle exploits out there, and the ones that are there involve installing a bunch of extra libraries, and we know thats “tough” to do. Thankfully MC has done all the work for us and created the metasploit mixin and modules. **Need help getting the mixin installed? See my file format post.
阅读全文 »
本文已发表在专家栏:
http://netsecurity.51cto.com/art/200803/66693.htm
【51CTO.com 专家特稿】在文章《Immunity canvas安全检测工具简介》中,叶子对三个安全漏洞检测工具Metasploit、Immunity 阅读全文 »
溢出工具包:Metasploit使用说明 ,今天看到一个跟 Metasploit 有关的工具– MSF eXploit Builder 。
看名字就应该知道什么意思了吧?
官方的说明:
MSF-eXploit Builder is a Windows (actually) handy graphical tool to build MetaSploit Framework exploit modules.
阅读全文 »
