00:00
101
We run the simple Oracle CGI scanner which looks for servlets and URLs that may give interesting information or if we are lucky th SID. We run the spy_sid.rb module to extract the SID from the Servlet/Spy URL and also we see that the host has the enterprise manager running. We run the oas_sid.rb module that will try to extract the SID from oracle hosts running Enterprise Manger.
We need the SID to connect to an Oracle instance.
Loading more stuff…