The Oracle Hacker's Handbook: Hacking and Defending Oracle

David Litchfield

  • Publisher: Wiley
  • Publication date: 2007-02-01
  • List price: $1,530
  • Sale price: $765 (5.0, i.e. 50% off)
  • Language: English
  • Pages: 216
  • Binding: Paperback
  • ISBN: 0470080221
  • ISBN-13: 9780470080221
  • Related categories: Oracle, Hacking (Hack)
  • Availability: ships immediately (limited, stock = 1)

Product Description

* David Litchfield is the ultimate authority on breaking into Oracle, and this unique book contains everything he knows, most of which has never before been published
* Examines in depth all the techniques and tools that hackers use to break into Oracle database servers so that IT professionals can better understand the risk that their systems are exposed to and, in turn, build and employ better defensive strategies
* Helps database administrators and security practitioners recognize new threats and how to deal with those threats in the most effective and efficient way possible
* Addresses the constant onslaught of security breaches, holes, and hacks and how to prepare for whatever else might be coming down the pike
Table of Contents

About the Author.

Acknowledgments.

Introduction.

Code Samples from the Book.

Oracle and Security.

The “Unbreakable” Marketing Campaign.

Independent Security Assessments.

The Future.

Chapter 1 Overview of the Oracle RDBMS.

Architecture.

Processes.

The File System.

The Network.

Database Objects.

Users and Roles.

Privileges.

Oracle Patching.

Wrapping Up.

Chapter 2 The Oracle Network Architecture.

The TNS Protocol.

The TNS Header.

Inside the Packet.

Getting the Oracle Version.

The Listener Version and Status Command.

Using the TNS Protocol Version.

Using the XML Database Version.

Using TNS Error Text.

Using the TNS Version TTC Function.

Wrapping Up.

Chapter 3 Attacking the TNS Listener and Dispatchers.

Attacking the TNS Listener.

Bypassing 10g Listener Restrictions.

The Aurora GIOP Server.

The XML Database.

Wrapping Up.

Chapter 4 Attacking the Authentication Process.

How Authentication Works.

Attacks Against the Crypto Aspects.

Default Usernames and Passwords.

Looking in Files for Passwords.

Account Enumeration and Brute Force.

Long Username Buffer Overflows.

Wrapping Up.

Chapter 5 Oracle and PL/SQL.

What Is PL/SQL?

PL/SQL Execution Privileges.

Wrapped PL/SQL.

Wrapping and Unwrapping on 10g.

Wrapping and Unwrapping on 9i and Earlier.

Working without the Source.

PL/SQL Injection.

Injection into SELECT Statements to Get More Data.

Injecting Functions.

Injecting into Anonymous PL/SQL Blocks.

The Holy Grail of PLSQL Injection.

Investigating Flaws.

Direct SQL Execution Flaws.

PL/SQL Race Conditions.

Auditing PL/SQL Code.

The DBMS_ASSERT Package.

Some Real-World Examples.

Exploiting DBMS_CDC_IMPDP.

Exploiting LT.

Exploiting DBMS_CDC_SUBSCRIBE and DBMS_CDC_ISUBSCRIBE.

PLSQL and Triggers.

Wrapping Up.

Chapter 6 Triggers.

Trigger Happy: Exploiting Triggers for Fun and Profit.

Examples of Exploiting Triggers.

The MDSYS.SDO_GEOM_TRIG_INS1 and SDO_GEOM_TRIG_INS1 Triggers.

The MDSYS SDO_CMT_CBK_TRIG Trigger.

The SYS.CDC_DROP_CTABLE_BEFORE Trigger.

The MDSYS.SDO_DROP_USER_BEFORE Trigger.

Wrapping Up.

Chapter 7 Indirect Privilege Escalation.

A Hop, a Step, and a Jump: Getting DBA Privileges Indirectly.

Getting DBA from CREATE ANY TRIGGER.

Getting DBA from CREATE ANY VIEW.

Getting DBA from EXECUTE ANY PROCEDURE.

Getting DBA from Just CREATE PROCEDURE.

Wrapping Up.

Chapter 8 Defeating Virtual Private Databases.

Tricking Oracle into Dropping a Policy.

Defeating VPDs with Raw File Access.

General Privileges.

Wrapping Up.

Chapter 9 Attacking Oracle PL/SQL Web Applications.

Oracle PL/SQL Gateway Architecture.

Recognizing the Oracle PL/SQL Gateway.

PL/SQL Gateway URLs.

Oracle Portal.

Verifying the Existence of the Oracle PL/SQL Gateway.

The Web Server HTTP Server Response Header.

How the Oracle PL/SQL Gateway Communicates with the Database Server.

Attacking the PL/SQL Gateway.

The PLSQL Exclusion List.

Wrapping Up.

Chapter 10 Running Operating System Commands.

Running OS Commands through PL/SQL.

Running OS Commands through Java.

Running OS Commands Using DBMS_SCHEDULER.

Running OS Commands Directly with the Job Scheduler.

Running OS Commands Using ALTER SYSTEM.

Wrapping Up.

Chapter 11 Accessing the File System.

Accessing the File System Using the UTL_FILE Package.

Accessing the File System Using Java.

Accessing Binary Files.

Exploring Operating System Environment Variables.

Wrapping Up.

Chapter 12 Accessing the Network.

Data Exfiltration.

Using UTL_TCP.

Using UTL_HTTP.

Using DNS Queries and UTL_INADDR.

Encrypting Data Prior to Exfiltrating.

Attacking Other Systems on the Network.

Java and the Network.

Database Links.

Wrapping Up.

Appendix A Default Usernames and Passwords.

Index.
