Skip to content

Debugging and Reverse engineering with IDA Pro

Debugging and Reverse engineering with IDA Pro published on

In this post we are going to see how IDA Pro will be used to reverse engineer, discover a BUG, and use the IDA’s remote debugger functionality to build a functional exploit on an ELF-type application.

Reverse Engineering + Exploit ELF + IDA Pro (Stack Buffer Overflow 1B)

Operating system command execution through an oracle database

Operating system command execution through an oracle database published on

In this post we are going to talk of how you can execute operation systems commands through an Oracle database using DBMS_SCHEDULER in two differents scenarios. you can leverage this feature which is integrated in Oracle.

1.- Directly to a database
2.- SQL Injection

Operating system command execution through an Oracle database

Privileges escalation in an Oracle database II

Privileges escalation in an Oracle database II published on

In this post we are going to see how to obtain DBA privileges in an Oracle database using TRIGGERS. For this post it can assume that you have a valid credentials as well as SID, otherwise you can go back to the first post Hacking Oracle, first thing that you should do is connect to database with a client, for this post will be Aqua Data, once you are connected to the database you need to discover what kind of privileges the user has, the previous task can be achieved with the following command.

Oracle hacking II

 

Privileges escalation in an Oracle database I

Privileges escalation in an Oracle database I published on

In this post we are going to talk of how to get DBA privileges in an Oracle database using a PROCEDURE, for this post you can skip the first part if you have a valid credential of the database and go directly to the getting DBA privileges section, otherwise you can follow the whole post. First thing is scan a network to find an Oracle database, in order to achieve it, you can use nmap with the following command, as shown in the following image.

Oracle hacking

Primary Sidebar