Metasploit Auxiliary module for Oracle FTP Script Write/Binary Download/Execute via Oracle Packages
3 years ago
00:00
118
More
2. Metasploit Auxiliary module for Oracle FTP Script …
3 years ago
As DBA (yea for SQLI) we use UTL_FILE to write out our FTP download script, using DBMS_SCHEDULER we create a job to run the script to download our binary and create a 2nd job to execute our binary and get our meterpreter shell. Oracle...Unbreakable.
check MC's video (requires java) on getting those DBA privs
w00t-shell.net/demos/CVE-2008-3996.html
check MC's video (requires java) on getting those DBA privs
w00t-shell.net/demos/CVE-2008-3996.html
FLV
00:01:58
1 Related collection
Statistics
| Date | Plays | Likes | Comments |
|---|---|---|---|
| Totals | 1,187 | 3 | 2 |
| Feb 15th | 0 | 0 | 0 |
| Feb 14th | 0 | 0 | 0 |
| Feb 13th | 0 | 0 | 0 |
| Feb 12th | 0 | 0 | 0 |
| Feb 11th | 0 | 0 | 0 |
| Feb 10th | 0 | 0 | 0 |
| Feb 9th | 1 | 0 | 0 |
Prev week
-
Vimeo: About / Blog / Developers / Jobs /
Community Guidelines /
Help Center / Video School / Music Store / Site Map
/ Vimeo
or 
-
Legal: TM + ©2012 Vimeo, LLC. All rights reserved. / Terms of Service / Privacy Statement / Copyright
the mixin and other oracle aux modules available here
metasploit.com/users/mc/ (not me)