Table of Contents
Hacking Oracle - 101
Usual Disclaimer
Absolutely Necessary Disclaimer
Oracle Defined
Value Of This Knowledge
Oracle SQL Tools
Other Oracle Tools
Programming Languages for Oracle
Oracle Data Storage
Identifying Oracle Existence
Logon Requirements
Identifying Valid Environment Variables
Oracle Userid Types
Oracle Authentication Options
Operating System Authentication
Operating System Authentication (cont.)
Userid & Password Authentication
Userid & Password Authentication (cont.)
Userid & Password Authentication (cont.)
X.509 Certificate Authentication
Smart Card Authentication
Another Heavy-Duty Backdoor
Access to Oracle Data
Access to Oracle Data (cont.)
Access to Oracle Data (cont.)
Oracle System Privileges/Roles
Access To System Privileges/Roles
Oracle Auditing
Oracle Auditing (cont.)
Denial Of Service Anyone?
Oracle Password Management
What Does The Previous Slide Suggest?
Exceptions To The Rule
Checking Out Password Management
Security of Oracle TCP/IP Sessions
Security of Oracle TCP/IP Sessions (cont.)
Security of Oracle TCP/IP Sessions (cont.)
Useful SQL Statements
Useful SQL Statements (cont.)
Useful SQL Statements (cont.)
Useful SQL Statements (cont.)
Useful SQL Statements (cont.)
Useful SQL Statements (cont.)
Useful SQL Statements (cont.)
Useful SQL Statements (cont.)
Useful SQL Statements (cont.)
Useful Security Tables
Questions (Possibly Answers). |