|
The Oracle Auditing Tools is a toolkit that could be used to audit security within Oracle database servers. The OAT use CREATE LIBRARY to be able to access the WinExec function in the kernel32.dll in Windows or the system call in libc on Un*x. Having access to this function makes it possible to execute anything on the server with the same security context as the user who started the Oracle Service. So basicaly all accounts with default passwords, or easy guessable password, having this privelege...
Site: http://www.cqure.net/wp/test/
Hits: 33037
Comments: 1
|
Oscanner is an Oracle assessment framework developed in Java. It has a plugin-based architecture and comes with a couple of plugins that currently do: - Sid Enumeration - Passwords tests (common & dictionary) - Enumerate Oracle version - Enumerate account roles - Enumerate account privileges - Enumerate account hashes - Enumerate audit information - Enumerate password policies - Enumerate database links
The results are given in a graphical java tree.
Site: http://www.cqure.net/wp/oscanner/
Hits: 33220
Comments: 1
|