search

Oracle TNS

  • used to facilitate communication between oracle databases and applications over the network

  • each database or service has a unique entry in the tnsnames.ora file

  • tools need to be downloaded for oracle tns using this script

    • #!/bin/bash

sudo apt-get install libaio1 python3-dev alien -y
git clone https://github.com/quentinhardy/odat.git
cd odat/
git submodule init
git submodule update
wget https://download.oracle.com/otn_software/linux/instantclient/2112000/instantclient-basic-linux.x64-21.12.0.0.0dbru.zip
unzip instantclient-basic-linux.x64-21.12.0.0.0dbru.zip
wget https://download.oracle.com/otn_software/linux/instantclient/2112000/instantclient-sqlplus-linux.x64-21.12.0.0.0dbru.zip
unzip instantclient-sqlplus-linux.x64-21.12.0.0.0dbru.zip
export LD_LIBRARY_PATH=instantclient_21_12:$LD_LIBRARY_PATH
export PATH=$LD_LIBRARY_PATH:$PATH
pip3 install cx_Oracle
sudo apt-get install python3-scapy -y
sudo pip3 install colorlog termcolor passlib python-libnmap
sudo apt-get install build-essential libgmp-dev -y
pip3 install pycryptodome

    • make sure it was correct using odat.py

  • Nmap

    • sudo nmap -p1521 -sV 10.129.204.235 --open

NMap SID bruteforcing

ODAT

SQLplus - Log In

If you come across the following error sqlplus: error while loading shared libraries: libsqlplus.so: cannot open shared object file: No such file or directory

Oracle RDBMS - Interaction

Oracle RDBMS - Database Enumeration

Oracle RDBMS - Extract Password Hashes

Oracle RDBMS - File Upload

test this by doing:

PreviousMSSQLNextIPMI

Last updated