
Oracle

Default Accounts

system / manager (this user can change sys's password)
sys / man (highest privileged account)
scott / tiger

Interesting tables

all_users
all_tables
user_sys_privs
sys.dba_users
sys.dba_tab_privs
sys.dba_sys_privs
sys.dba_profiles
sys.dba_roles
sys.dba_role_privs
sys.dba_audit_trail
sys.aud$

Interesting queries

alter user klx identified by asdfafds
grant dba to userid
grant connect to userid identified by password   (new user)
select username, password from sys.dba_users
select * from sys.dba_profiles where profile = 'DEFAULT'
alter profile default limit failed_login_attempts unlimited
audit connect whenever successful
audit connect whenever not successful
audit update on default whenever successful
delete from sys.aud$
select owner, table_name from sys.dba_tables

Links

Here is a nice link with tutorials on how to secure Oracle.
Decrypting Oracle TopLink workbench passwords.
Oracle tools, such as the decryption of the Oracle TopLink mapping workbench password algorithm.

Issues. Help anyone?

  • How do you get from the scott-account to the sys-account?
  • How do you dump the passwords? I guess this is not possible due to the DES encryption of the passwords (not reversible).

    I am not at all responsible for the usage of this information. I intended to have it here for educational purposes only!


    CopyLeft (l) 2003 by Raffael Marty