module
Oracle SMB Relay Code Execution
| Disclosed | Created |
|---|---|
| 2009-04-07 | 2018-05-30 |
Disclosed
2009-04-07
Created
2018-05-30
Description
This module will help you to get Administrator access to OS using an unprivileged
Oracle database user (you need only CONNECT and RESOURCE privileges).
To do this you must firstly run smb_sniffer or smb_relay module on your sever.
Then you must connect to Oracle database and run this module Ora_NTLM_stealer.rb
which will connect to your SMB sever with credentials of Oracle RDBMS.
So if smb_relay is working, you will get Administrator access to server which
runs Oracle. If not than you can decrypt HALFLM hash.
Oracle database user (you need only CONNECT and RESOURCE privileges).
To do this you must firstly run smb_sniffer or smb_relay module on your sever.
Then you must connect to Oracle database and run this module Ora_NTLM_stealer.rb
which will connect to your SMB sever with credentials of Oracle RDBMS.
So if smb_relay is working, you will get Administrator access to server which
runs Oracle. If not than you can decrypt HALFLM hash.
Author
Sh2kerr research[ad]dsecrg.com
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.