Pete Finnigan's Oracle Security Weblog

I was emailed a few weeks ago by Paul Breniuc who let me know about his new free tool WinSID that can be used to discover Oracle instances. This is a great free tool. The tool does not need an Oracle client and is not a wrapper on top of the Oracle client. It can be used to interrogate the Oracle listener to display information about remote (and local) listeners - For instance services, SID, listener statistics on established connections. The Paul's main page for this tool is titled "WinSID (free) - Oracle instance discovery tools" and it gives some details of the tool and also some graphics of it in use. A great feature is the fact that a working TNSNAMES.ORA connection string is stored in the Windows clipboard. As I said the tool does not use Oracle libraries / OCI etc. It uses native network calls to send packets to the listener in similar manner to http://www.jammed.com/~jwa/hacks/security/tnscmd/ - (broken link) tnscmd I assume. The free version does not support all listener commands, the Pro version does. The free version does not support TNSPings but Paul has a free TNSPinger for this - It doesn't look like it has been released yet.

The WinSID tool is available for free download from Paul's site and there is also a professional version WinSID Pro that can scan complete networks looking for Oracle listeners. The free version of WinSID Oracle instance recovery tool is available here.

I have included the tool in the free section of my Oracle security tools page and I must apologise to Paul for not adding it sooner as he emailed me a few weeks ago.