Another Heavy-Duty Backdoor

• On most implementations, all users in the O/S DBA group can run the SQL*DBA utility, type the string “CONNECT INTERNAL” and be logged in as SYS without supplying a password (very suave)

• Use of the SQL*DBA program SHOULD be locked down (but usually isn’t)

• Hack won’t work on NT due to the way NT handles Groups (requires password)

Previous slide

Next slide

Back to first slide

View graphic version