ODAT
ODAT is an open source penetration testing tool that tests the security of Oracle Databases remotely. It helps identify valid SIDs and credentials, escalate privileges, and execute system commands on the host operating system.
Description
ODAT (Oracle Database Attacking Tool) is designed for remote security testing of Oracle Databases. It provides multiple modules to exploit common weaknesses in Oracle setups, enabling penetration testers to assess database vulnerabilities without physical access.
Primary use cases include discovering valid SIDs and credentials to gain initial access to a remote Oracle database, escalating privileges from a standard account to DBA or SYSDBA levels, and executing system commands like reverse shells to pivot to the underlying operating system.
The tool supports various attack vectors such as TNS listener communication, SID and service name guessing, password guessing, and exploitation of Oracle built-ins like UTL_HTTP, UTL_TCP, and DBMS_SCHEDULER for advanced post-exploitation.
How It Works
ODAT operates by interacting with Oracle's TNS listener protocol and database internals. Modules like tnscmd communicate directly with the TNS listener, tnspoison exploits TNS poisoning (requiring SID), sidguesser and snguesser brute-force valid SIDs and service names, while others leverage Oracle packages (e.g., utlhttp, utltcp, dbmsxslprocessor) to transfer files, make HTTP requests, or execute OS commands. Privilege escalation uses techniques like ctxsys or externaltable to gain DBA access, and features like passwordstealer extract credentials from the database.
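From the defender's side, the SID and service-name guessing described above leaves a trail of rejected connection attempts at the listener. The following is an added example, not part of ODAT or the original page, that flags clients requesting many names the listener does not know. The log layout, the sample lines and the function name are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the classic text listener.log layout (an assumption):
# timestamp * connect data * client address * event * SID or service * TNS code
SAMPLE_LOG = """\
12-MAR-2024 09:14:01 * (CONNECT_DATA=(SID=ORCL)(CID=(PROGRAM=app)(HOST=web01)(USER=svc))) * (ADDRESS=(PROTOCOL=tcp)(HOST=10.0.0.20)(PORT=40112)) * establish * ORCL * 0
12-MAR-2024 09:15:10 * (CONNECT_DATA=(SID=AAA)) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.0.2.44)(PORT=51001)) * establish * AAA * 12505
12-MAR-2024 09:15:10 * (CONNECT_DATA=(SID=AAB)) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.0.2.44)(PORT=51002)) * establish * AAB * 12505
12-MAR-2024 09:15:11 * (CONNECT_DATA=(SID=AAC)) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.0.2.44)(PORT=51003)) * establish * AAC * 12505
12-MAR-2024 09:15:11 * (CONNECT_DATA=(SERVICE_NAME=sales)) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.0.2.44)(PORT=51004)) * establish * sales * 12514
12-MAR-2024 09:16:30 * (CONNECT_DATA=(SID=ORLC)) * (ADDRESS=(PROTOCOL=tcp)(HOST=10.0.0.31)(PORT=40200)) * establish * ORLC * 12505
12-MAR-2024 09:17:02 * service_update * ORCL * 0
"""

# TNS-12505: listener does not know the SID; TNS-12514: does not know the service name.
UNKNOWN_TARGET_CODES = {"12505", "12514"}
CLIENT_RE = re.compile(r"\(ADDRESS=.*?\(HOST=([^)]+)\)")
TARGET_RE = re.compile(r"\((SID|SERVICE_NAME)=([^)]+)\)")

def find_guessing_sources(log_text, min_distinct=3):
    """Return {client_host: sorted distinct unknown SIDs/service names} for hosts
    that requested at least min_distinct names the listener rejected."""
    rejected = defaultdict(set)
    for line in log_text.splitlines():
        fields = [f.strip() for f in line.split(" * ")]
        # Connection attempts have six fields; skip service_update and other events.
        if len(fields) != 6 or fields[3] != "establish":
            continue
        if fields[5] not in UNKNOWN_TARGET_CODES:
            continue
        client = CLIENT_RE.search(fields[2])
        target = TARGET_RE.search(fields[1])
        if client and target:
            rejected[client.group(1)].add(f"{target.group(1)}={target.group(2)}")
    return {h: sorted(n) for h, n in rejected.items() if len(n) >= min_distinct}

if __name__ == "__main__":
    for host, names in find_guessing_sources(SAMPLE_LOG).items():
        print(f"{host}: {len(names)} unknown names requested: {', '.join(names)}")
```

A single mistyped SID (the `10.0.0.31` line) stays below the threshold, while the host cycling through several unknown names is reported.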
Installation
sudo apt install odat
Flags
Examples
odat -h
odat all
odat tnscmd
odat tnspoison
odat sidguesser
odat snguesser
odat passwordguesser