Sponsored Links

 

 

Home > Programming > Oracle Programming

 

Advanced Exploitation of Oracle PL/SQL Flaws

Source: www.blackhat.com
Topic: Oracle Programming

Short Desciption:
NGS Consulting Next Generation Security Software Ltd. What is PL/SQL? What is PL/SQL? • Procedural Language / Structured Query Language • Oracles extension to standard SQL Programmable like T-SQL ...

 

Content Inside:
NGS Consulting Next Generation Security Software Ltd. Advanced Exploitation of Oracle PL/SQL Flaws David Litchfield (davidl@ngssoftware. com) NGS Consulting Next Generation Security Software Ltd. Objectives Objectives • Discuss current "threat landscape" • Introduce a new class of vulnerability • Introduce a new method of attack • Show practical demonstrations • Look at some defences NGS Consulting Next Generation Security Software Ltd. Agenda Agenda • PL/SQL Risks • SQL Injection • "Dangling" Cursor Snarfing • Cursor Injection • Demonstrations • Grant DBA Privileges • Indirect Privilege Escalation NGS Consulting Next Generation Security Software Ltd. What is PL/SQL? What is PL/SQL? • Procedural Language / Structured Query Language • Oracles extension to standard SQL Programmable like T-SQL in the Microsoft world. • Used to create • Stored Procedures • Functions • Packages (collections of procedures and functions) • Triggers • Objects • Extends functionality with External Procedures and Java NGS Consulting Next Generation Security Software Ltd. Privileges - Definer vs. Invoker rights Privileges - Definer vs. Invoker rights • PL/SQL executes with the privileges of the definer • A procedure owned by SYS executes with SYS privileges • AUTHID CURRENT_USER keyword • PL/SQL created using the AUTHID CURRENT_USER keyword executes with the privileges of the invoker • A procedure owned by SYS but called by SCOTT executes with the privileges of SCOTT • Analogous to Suid programs in the *nix world. NGS Consulting Next Generation Security Software Ltd. Running SQL from PL/SQL Running SQL from PL/SQL • EXECUTE IMMEDIATE … • OPEN • DBMS_SQL • Key to Cursor Snarfing and Cursor Injection NGS Consulting Next Generation Security Software Ltd. DBMS_SQL DBMS_SQL DECLARE MY_CURSOR NUMBER; MY_RESULT NUMBE ...

 

add to Google Reader add to Google Bookmark add to bloglines add to newsgator add to FURL add to digg add to webnews add to Netscape add to Yahoo MyWeb add to spurl.net add to diigo Bookmark newsvine Bookmark del.icio.us Bookmark @ SIMPIFY Bookmark MISTER WONG Bookmark Linkarena Bookmark icio.de Bookmark oneview Bookmark folkd.com Bookmark yigg.de Bookmark reddit Bookmark StumbleUpon Bookmark Slashdot Bookmark blinklist Bookmark technorati add to blogmarks add to blinkbits add to ma.gnolia add to smarking.com add to netvouz add to co.mments add to Connotea add to de.lirio.us

 

Related PDF Files

Deploying Oracle Application Server with ZXTM


Topic: Oracle Programming

This is a group of IP address(s) which will be used to host the web application. 2. Create a new service for your Oracle AS cluster using the Traffic IP group . Create a Traffic IP Group Go to Services ...

Oracle Reports Tutorial


Topic: Oracle Programming

Oracle Reports Tutorial, 10 g Release 2 (10.1.2) B14364-01 Copyright © 2003, 2005, Oracle. ... Glossary-4 Java A computer language that supports programming for the Internet in the form of ...

PL/SQL Conditional Compilation use cases and best practice


Topic: Oracle Programming

PL/SQL conditional compilation 10-November-2005 www.oracle.com/technology/tech/pl_sql/pdf/ Plsql_Conditional_Compilation.pdf NOTE The following is intended to outline our general product direction.

MySQL for Oracle DBAs and Developers


Topic: Oracle Programming

Ronald Bradford, MySQL Inc MySQL Conference & Expo 2007 Page: 4 MySQL for Oracle Dudes Outline  DBA Tips, Tricks, Gotchas & Tools  Key Differences for Developers  Migrating from Oracle to MySQL  ...

Oracle Cryptographic Toolkit Programmers Guide


Topic: Oracle Programming

Each OCI function description contains the following informa- tion: Refer to Chapter 2, OCI Programming Basics, in the Programmers Guide to the Oracle Call Interface TM for an overview of the steps ...

 

Sponsored Links