coelner/hacktricks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

GitBook: [master] 378 pages modified

Browse Source
This commit is contained in:
CPol 2020-09-30 11:39:32 +00:00 committed by gitbook-bot
parent 2ce6a1db1c
commit 0803f09a25
No known key found for this signature in database
GPG Key ID: 07D2180C7B12D0FF
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
pentesting/1521-1522-1529-pentesting-oracle-listener/README.md
View File

@ -131,7 +131,7 @@ Different tools offered **different user/pass lists** for oracle:
* **MSF-2:** _from scanner/oracle/oracle\_login_ _/usr/share/metasploit-framework/data/wordlists/oracle\_default\_userpass.txt_ \(568 lines\)
* **Nmap:** _/usr/share/nmap/nselib/data/oracle-default-accounts.lst_ \(687 lines\)
I have **mixed** all of them, **remove duplicates:**
I have **mixed** all of them and **removed duplicates:**
{% file src="../../.gitbook/assets/users-oracle.txt" %}
@ -168,10 +168,11 @@ sqplus SYSTEM/MANAGER@192.168.0.2/ORCL 'as sysdba'
**An interesting tool is oscanner**, which will try to get some valid SID and then it will brute-force for valid credentials and try to extract some information:
```bash
#apt install oscanner
oscanner -s <IP> -P <PORT>
```
Another tool that will do all of this it **odat**:
Another tool that will do all of this it [**odat**](https://github.com/quentinhardy/odat):
```bash
./odat.py all -s <IP> -p <PORT>