Tag Archives: hacking

NMap 7 is out

Yesterday I read that there is a totally new release of nmap, the network mapping tool. I’ve blogged about Nmap before. Version 7 has attacks against Heartbleed, it has mature IPv6 support, faster scans on Windows and BSD systems. And … Continue reading

Posted in Oracle security | Tagged , , , , , | 1 Comment

Five steps to have your own Metasploit and Oracle demo environment

Bingo! I’ve done it! I’ve got Metaspoit working against an Oracle database. And in this blogpost I’ll explain how you can do it too.   Step 0. Your soon to be powned Oracle database Let’s assume you already have a … Continue reading

Posted in Hacking for better security awareness, Oracle security | Tagged , , , , , , | Leave a comment

No. If I can’t hack you, you are not secure.

Ever come up against this issue?¬†You see that something in the IT infrastructure is set up in a less than sanitary way: for example the application has dynamic SQL, or the security of the database relies on the application. One … Continue reading

Posted in Oracle security | Tagged , , , | Leave a comment

Having a ball with the hacking training

Today I did my third out of four database hacking sessions at work and I have to say it again was a lot of fun. It sure did raise security awareness. My training of four hours consists of the following … Continue reading

Posted in Oracle security | Tagged , , , , , , | 1 Comment

Running Nmap against an Oracle listener

When preparing for the Planboard symposium in Utrecht last Tuesday, I decided to use tools like Nmap and Metasploit to show how these tools can be used against an Oracle database server. I have worked with Nmap before, but I’m … Continue reading

Posted in Oracle security | Tagged , , , , | 1 Comment

The best way to gain security awareness, is to learn to hack

One of our managers at my former employer was not amused. You might say he was appalled. I wrote on our company blog a post (in Dutch) about how to use the Java exploit in the Oracle database, recently shown … Continue reading

Posted in Oracle security | Tagged , , , | 1 Comment