A pentest? Did someone hire you to do this?
I need to do a pentest for oracle on the lan so I looked and find only a tutorial on how to perform it with BT 2.0 does someone has a guide how to do it with BT 4.2?
thanks a lot
well a client hired me to to an internal pentest and I discovered 2 Oracle servers so I wanted to try to exploit them.
why you are so surprised?
any ideas which tools/metodology to use?
He is not surprised he asked you a question.
In a pentest you should only test what you were hired to test, so normally they would tell you what to focus on and what you should not tuch, so I'd think twice about those servers. However if he did also give you approval to test those 2 servers I would tell him to hire someone who with the appropriate knowledge.
Now wait up. Evidently, "Juan" doesn't know what he's doing...but isn't that what this forum is for?
What sickness is trying to say is that if someone dosent know what they are doing, they really shouldn't be taking on a job to test the security of someones network. The OP didn't really give too many details on what he is trying to do so i don't want to assume anything.
Surprised specifically about the notion that someone who has been hired to perform a job would be coming here to ask for tutorials on how to do it. Not asking for help on some specific, niggling little detail about the job mind you, but essentially asking for links to a step by step reference to do the whole thing. Being asked that by someone who claims to be a professional pentester, as opposed to an enthusiast who wants to learn or a sysadmin who has been asked to expand their job description, makes me a little suspicious that someone is not being straight with me.
But maybe Im just overly suspicious, so here goes with the tips... start by scanning the servers, find open ports and check for vulnerabilities. Dont forget vulnerabilities in the OS or other running services. Also search for details on each service to find details on how to attack it. Then see if you can obtain access via an SQL client - there are lots of things you can do from there. Can you bypass authentication or discover logon details by any of the normal authentication attacks? What abut interactions between those Oracle servers and other systems? Are there web front ends, are there db client apps? These could provide a way in for getting SQL access.
David Litchfield has written a number of books on the subject which are good references, including the Database Hackers Handbook and the Oracle Hackers handbook (I have a copy of this signed by the author).
ok I did find a hole in the server. I was able to broute force one of the users.
thanks for the help from all of you especially to you lupin !
Maybe I should just go out there and start to perform surgeries on people. I mean hey, I might be lucky and have success.
Tiocfaidh ár lá