0x0Lab Blog Just another damn blog

19May/11Off

Oracle Auditing Toolkit

The Oracle Auditing Toolkit can be used to audit security within Oracle database servers. The toolkit consists of the following tools, written in Python:

  • Sidguesser
  • deforabf
  • orabf

sidguesser.py
Tries to guess sids against an Oracle Database according to a predefined dictionary file.

Syntax
[sidguesser]-by neuro [0x0lab.org]
usage: sidguesser.py <ip> <port> <sidlist>

Download: sidguesser

deforabf.py
Tries to guess default oracle accounts against an Oracle Database according to a predifined dictionary file.

Syntax
[deforabf]-by neuro [0x0lab.org]
usage: deforabf.py <defacclist> <ip> <port> <SID>

Download: deforabf

orabf.py
Tries to guess a user password against an Oracle Database according to a predifined dictionary file.

Syntax
[orabf]-by neuro [0x0lab.org]
usage: orabf.py <ip> <port> <SID> <username> <pwdlist>

Download: orabf

oracle client plus cx_Oracle python library is needed!!!!

Download: cx_Oracle Library

 

Posted by neuro

Filed under: Security Comments Off
Comments (0) Trackbacks (0)

Sorry, the comment form is closed at this time.

No trackbacks yet.