Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Researcher charts new, more dangerous Oracle attack"] [Next entry: "New paper on Oracle Forensics"]

More Oracle exploits

mood: L

Andrea Purificato has a site called RawLAB that is quite useful. It has a good list of Oracle exploits written in Perl. These include the following exploits written to use cursor injection:

and those that use traditional PL/SQL injection:

Plus a couple of tools, the first to execute remote OS commands - and a tool to extract Oracle password hashes -

nice site!