Category Archives: Hacking for better security awareness

The Department of Hacking Other Departments

We operations people often are rather charmed by Netflix’ idea of Chaos Monkey. This is a tool that identifies a group of systems and randomly terminates one system in that group. If you’ve never heard of Chaos Monkey, you might … Continue reading

Posted in Hacking for better security awareness, Security | Tagged , , , , | Leave a comment

Exploiting an Oracle database with Metasploit (Part 2)

Continuing from Exploiting an Oracle database with Metasploit (Part 1). Here’s the next set of Metasploit exploits and scanners I’ve tried and tested. auxiliary/scanner/oracle/tnspoison_checker This one just checks if your database is vulnerable to TNS poisoning: msf auxiliary(tnspoison_checker) > info … Continue reading

Posted in Hacking for better security awareness, Oracle security | Tagged , , , | Leave a comment

Exploiting an Oracle database with Metasploit (Part 1)

Now that I have a Metasploit and Oracle demo environment, it is time to see what I can use to exploit an Oracle 11g Release 2 database. I have to tell you, most of the exploits are actually rather old. … Continue reading

Posted in Hacking for better security awareness, Oracle security | Tagged , , , , | 1 Comment

Five steps to have your own Metasploit and Oracle demo environment

Bingo! I’ve done it! I’ve got Metaspoit working against an Oracle database. And in this blogpost I’ll explain how you can do it too.   Step 0. Your soon to be powned Oracle database Let’s assume you already have a … Continue reading

Posted in Hacking for better security awareness, Oracle security | Tagged , , , , , , | Leave a comment

Installing and Learning Metasploit

I’ve blogged about Metasploit before. Metasploit is a framework for exploits and comes with tools like port scanners, password crackers and more. These days you can learn a lot of skills on Youtube, and tutorials about Metasploit are among them. … Continue reading

Posted in Hacking for better security awareness, Oracle security | Tagged , , , , , , , | Leave a comment