The Oracle Hacker's Handbook-Hacking and Defending Oracle Introduction
Table of Contents
Chapter 1-Overview of the Oracle RDBMS
- Processes
- The File System
- The Network
- Oracle Patching
- Wrapping Up
- The TNS Protocol
- Getting the Oracle Version
- Wrapping Up
- The Aurora GIOP Server
- The XML Database
- Wrapping Up
- Attacks Against the Crypto Aspects
- Default Usernames and Passwords
- Account Enumeration and Brute Force
- Wrapping Up
- PL/SQL Execution Privileges
- Wrapped PL/SQL
- Working without the Source
- PL/SQL Injection
- Investigating Flaws
- Direct SQL Execution Flaws
- PL/SQL Race Conditions
- Auditing PL/SQL Code
- The DBMS_ASSERT Package
- Some Real-World Examples
- Examples of Exploiting Triggers
- Wrapping Up
- Wrapping Up
- Defeating VPDs with Raw File Access
- General Privileges
- Wrapping Up
- Recognizing the Oracle PL/SQL Gateway
- Verifying the Existence of the Oracle PL/SQL Gateway
- Attacking the PL/SQL Gateway
- Wrapping Up
- Running OS Commands through Java
- Running OS Commands Using DBMS_SCHEDULER
- Running OS Commands Directly with the Job Scheduler
- Running OS Commands Using ALTER SYSTEM
- Wrapping Up
- Accessing the File System Using Java
- Accessing Binary Files
- Exploring Operating System Environment Variables
- Wrapping Up
- Encrypting Data Prior to Exfiltrating
- Attacking Other Systems on the Network
- Java and the Network
- Database Links
- Wrapping Up
Appendix A-Default Usernames and Passwords
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment