Oracle Auditing Toolkit
The Oracle Auditing Toolkit can be used to audit security within Oracle database servers. The toolkit consists of the following tools, written in Python:
- Sidguesser
- deforabf
- orabf
sidguesser.py
Tries to guess sids against an Oracle Database according to a predefined dictionary file.
Syntax
[sidguesser]-by neuro [0x0lab.org]
usage: sidguesser.py <ip> <port> <sidlist>
Download: sidguesser
deforabf.py
Tries to guess default oracle accounts against an Oracle Database according to a predifined dictionary file.
Syntax
[deforabf]-by neuro [0x0lab.org]
usage: deforabf.py <defacclist> <ip> <port> <SID>
Download: deforabf
orabf.py
Tries to guess a user password against an Oracle Database according to a predifined dictionary file.
Syntax
[orabf]-by neuro [0x0lab.org]
usage: orabf.py <ip> <port> <SID> <username> <pwdlist>
Download: orabf
oracle client plus cx_Oracle python library is needed!!!!
Download: cx_Oracle Library