Oracle DB SQL Injection via SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION | Metasploit Exploit Database (DB)

Oracle DB SQL Injection via SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION

This module will escalate a Oracle DB user to DBA by exploiting an sql injection bug in the SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION package/function. This vulnerability affects to Oracle Database Server 9i up to 9.2.0.5 and 10g up to 10.1.0.4.

Search Other Modules


Rank

  • Normal

Authors

  • Esteban Martinez Fayo < >
  • juan vazquez < >

Vulnerability References


Development


Similar Modules


Usage Information

$ msfconsole

                ##                          ###           ##    ##
 ##  ##  #### ###### ####  #####   #####    ##    ####        ######
####### ##  ##  ##  ##         ## ##  ##    ##   ##  ##   ###   ##
####### ######  ##  #####   ####  ##  ##    ##   ##  ##   ##    ##
## # ##     ##  ##  ##  ## ##      #####    ##   ##  ##   ##    ##
##   ##  #### ###   #####   #####     ##   ####   ####   #### ###
                                      ##

msf > use auxiliary/sqli/oracle/dbms_cdc_subscribe_activate_subscription
msf auxiliary(dbms_cdc_subscribe_activate_subscription) > set RHOST [TARGET IP]
msf auxiliary(dbms_cdc_subscribe_activate_subscription) > run


Module Options

DBPASS The password to authenticate with. (default: TIGER)
DBUSER The username to authenticate with. (default: SCOTT)
RHOST The Oracle host. (default: )
RPORT The TNS port. (default: 1521)
SID The sid to authenticate with. (default: ORCL)
SQL SQL to execute. (default: GRANT DBA to SCOTT)
VERBOSE Enable detailed status messages
WORKSPACE Specify the workspace for this module