This is an updated version of bsqlbf. This now has the VALIDATE_REMOTE_RC() exploit which David Litchfield discussed in his paper
6:Type 6
is O.S code execution [ORACLE DBMS_REPCAT_RPC.VALIDATE_REMOTE_RC exploit]
This vulnerability was patched by Oracle in July 2009 Critical Patch Update. In a nutshell, if you have identified a SQL injection as 'SYS' user than this version of bsqlbf will let you execute OS code on remote Oracle database host.
I will be giving a demo of this at Sec-T on 11th September.
Download it Here