Odat - Oracle Database Attacking Tool.

Odat – Oracle Database Attacking Tool.

ODAT (Oracle Database Attacking Tool) is an open source penetration testing tool that tests the security of Oracle Databases remotely.
Usage examples of ODAT:
+ You have an Oracle database listening remotely and want to find valid SIDs and credentials in order to connect to the database
+ You have a valid Oracle account on a database and want to escalate your privileges (ex: SYSDBA)
+ You have a valid Oracle account and want to execute commands on the operating system hosting this DB (ex: reverse shell)
Tested on Oracle Database 10g, 11g and 12c(12.1.0.2.0).

Latest Version 1.5 Changelog :
– new module named search in order to search in column names
– some improvements done (ex: output of tables)
– new option : output encoding

Features :
– search valid SID on a remote Oracle Database listener via:
— a dictionary attack
— a brute force attack
– ALIAS of the listener
– search Oracle accounts using:
— a dictionary attack
— each Oracle user like the password (need an account before to use this attack)
– execute system commands on the database server using:
— DBMS_SCHEDULER
— JAVA
— external tables
— oradbg
– download files stored on the database server using:
— UTL_FILE
— external tables
— CTXSYS
— DBMS_LOB (NEW : 2014/07/28)
– upload files on the database server using:
— UTL_FILE
— DBMS_XSLPROCESSOR
— DBMS_ADVISOR
– delete files using:
— UTL_FILE
– send/reveive HTTP requests from the database server using:
— UTL_HTTP
— HttpUriType
– scan ports of the local server or a remote server using:
— UTL_HTTP
— HttpUriType
— UTL_TCP
– capture a SMB authentication through:
— an index in order trigger a SMB connection
– exploit the CVE-2012-313 (http://cvedetails.com/cve/2012-3137)
— pickup the session key and salt for arbitrary users
— attack by dictionary on sessions
– search in column names thanks to the search module: (NEW : 2015/03/17)
search a pattern (ex: password) in column names

ODAT (Oracle Database Attacking Tool) is an open source penetration testing tool that tests the security of Oracle Databases remotely.

ODAT (Oracle Database Attacking Tool) is an open source penetration testing tool that tests the security of Oracle Databases remotely.

Supported Platforms and dependencies
+ ODAT is compatible with Linux only.
If you want to have the development version installed on your computer, these following tool and dependencies are needed:
+ Langage: Python 2.7
+ Oracle dependancies:
— Instant Oracle basic
— Instant Oracle sdk
+ Python libraries:
— cx_Oracle
— colorlog (recommended)
— termcolor (recommended)
— argcomplete (recommended)
— pyinstaller (recommended)

Installation (optional)
This part describes how to install instantclient, CX_Oracle and some others python libraries on Ubuntu in order to have the ODAT development version.
Get instant client basic, sdk (devel) and sqlplus from the Oracle web site:

X64: http://www.oracle.com/technetwork/topics/linuxx86-64soft-092277.html
X86: http://www.oracle.com/technetwork/topics/linuxsoft-082809.html
+ Install python-dev, alien and libaio1 package (for sqlplus):
sudo apt-get install libaio1 python-dev alien python-pip
+ Generate DEB files from RPM files thanks to :
sudo alien –to-deb oracle-instantclient11.2-basic-???.x???.rpm
sudo alien –to-deb oracle-instantclient11.2-sqlplus-???.x???.rpm
sudo alien –to-deb oracle-instantclient11.2-devel-???.x???.rpm
+ Install instant client basic, sdk and sqlplus:
sudo dpkg -i oracle-instantclient11.2-basic-???.x???.deb
sudo dpkg -i oracle-instantclient11.2-sqlplus-???.x???.deb
sudo dpkg -i oracle-instantclient11.2-devel_???_???.deb
+ Put these lines in your /etc/profile file in order to define Oracle env variables:
export ORACLE_HOME=/usr/lib/oracle/11.2/client64/
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$ORACLE_HOME/lib
export PATH=$ORACLE_HOME/bin:$PATH
+ Restart your session (to apply env variables) and run sqlplus:
sqlplus
If nor error: good job, Continue…
+ Create a symlink to your so file.
cd $ORACLE_HOME/lib/
sudo ln -s libclntsh.so.11.1 libclntsh.so
+ Create the /etc/ld.so.conf.d/oracle.conf file and add the path to Oracle home:
/usr/lib/oracle/11.2/client64/lib/
+ Update the ldpath using:
sudo ldconfig
+ Install CX_Oracle
sudo -s
source /etc/profile
pip install cx_Oracle
+ Test if all is good:
python -c ‘import cx_Oracle’
This command should just return without errors.
+ Install some python libraries:
sudo apt-get install python-scapy
sudo pip install colorlog termcolor pycrypto
sudo pip install argcomplete && sudo activate-global-python-argcomplete
+ Install the development version of pyinstaller (http://www.pyinstaller.org/).
python setup.py install
+ Run ODAT:
./odat.py -h

Download : Master.zip  | Clone Url
StandAlone version : odat-linux-libc2.5-i686.tar.gz
Source : https://github.com/quentinhardy