Metasploit Penetration Testing Framework
Oracle Account Discovery.
This module uses a list of well known default authentication credentials to discover easily guessed accounts.
Rank
- Normal
Authors
- MC < mc [at] metasploit.com >
References
- http://www.petefinnigan.com/default/oracle_default_passwords.csv
- http://seclists.org/fulldisclosure/2009/Oct/261
Development
Similar Modules
- auxiliary/admin/oracle/dbms_cdc_ipublish
- auxiliary/admin/oracle/dbms_cdc_publish
- auxiliary/admin/oracle/lt_compressworkspacetree
- auxiliary/admin/oracle/lt_mergeworkspace
- auxiliary/admin/oracle/lt_removeworkspace
- auxiliary/admin/oracle/ora_ntlm_stealer
- auxiliary/admin/oracle/oracle_sql
- auxiliary/admin/oracle/oraenum
- auxiliary/admin/oracle/osb_execqr
- auxiliary/admin/oracle/osb_execqr2
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/admin/oracle/oracle_login
msf auxiliary(oracle_login) > set RHOST [TARGET IP]
msf auxiliary(oracle_login) > run
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/admin/oracle/oracle_login
msf auxiliary(oracle_login) > set RHOST [TARGET IP]
msf auxiliary(oracle_login) > run
Module Options
| CSVFILE | The file that contains a list of default accounts. (default: /usr/lib/msf3/data/wordlists/oracle_default_passwords.csv) |
| RHOST | The Oracle host. (default: ) |
| RPORT | The TNS port. (default: 1521) |
| SID | The sid to authenticate with. (default: ORCL) |
| WORKSPACE | Specify the workspace for this module |
Metasploit Framework
Copyright © 2003-2010 Rapid7 LLC
Rapid7 Privacy Statement
Rapid7 Privacy Statement