mirror of
https://github.com/carlospolop/hacktricks.git
synced 2023-12-14 19:12:55 +01:00
GitBook: [master] 378 pages modified
This commit is contained in:
parent
2ce6a1db1c
commit
0803f09a25
1 changed files with 3 additions and 2 deletions
|
@ -131,7 +131,7 @@ Different tools offered **different user/pass lists** for oracle:
|
|||
* **MSF-2:** _from scanner/oracle/oracle\_login_ _/usr/share/metasploit-framework/data/wordlists/oracle\_default\_userpass.txt_ \(568 lines\)
|
||||
* **Nmap:** _/usr/share/nmap/nselib/data/oracle-default-accounts.lst_ \(687 lines\)
|
||||
|
||||
I have **mixed** all of them, **remove duplicates:**
|
||||
I have **mixed** all of them and **removed duplicates:**
|
||||
|
||||
{% file src="../../.gitbook/assets/users-oracle.txt" %}
|
||||
|
||||
|
@ -168,10 +168,11 @@ sqplus SYSTEM/MANAGER@192.168.0.2/ORCL 'as sysdba'
|
|||
**An interesting tool is oscanner**, which will try to get some valid SID and then it will brute-force for valid credentials and try to extract some information:
|
||||
|
||||
```bash
|
||||
#apt install oscanner
|
||||
oscanner -s <IP> -P <PORT>
|
||||
```
|
||||
|
||||
Another tool that will do all of this it **odat**:
|
||||
Another tool that will do all of this it [**odat**](https://github.com/quentinhardy/odat):
|
||||
|
||||
```bash
|
||||
./odat.py all -s <IP> -p <PORT>
|
||||
|
|
Loading…
Reference in a new issue