module
Oracle SMB Relay Code Execution
| Disclosed | Created |
|---|---|
| Apr 7, 2009 | May 30, 2018 |
Disclosed
Apr 7, 2009
Created
May 30, 2018
Description
This module will help you to get Administrator access to OS using an unprivileged
Oracle database user (you need only CONNECT and RESOURCE privileges).
To do this you must firstly run smb_sniffer or smb_relay module on your server.
Then you must connect to Oracle database and run this module Ora_NTLM_stealer.rb
which will connect to your SMB server with credentials of Oracle RDBMS.
So if smb_relay is working, you will get Administrator access to server which
runs Oracle. If not than you can decrypt HALFLM hash.
Oracle database user (you need only CONNECT and RESOURCE privileges).
To do this you must firstly run smb_sniffer or smb_relay module on your server.
Then you must connect to Oracle database and run this module Ora_NTLM_stealer.rb
which will connect to your SMB server with credentials of Oracle RDBMS.
So if smb_relay is working, you will get Administrator access to server which
runs Oracle. If not than you can decrypt HALFLM hash.
Author
Sh2kerr research[ad]dsecrg.com
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.