Oracle Anti-Hacking

Summary

Know your enemy is important if you are responsible for the protection of Oracle databases and application server. In this session you learn various tricks of Oracle Hacker and the appropriate countermeasure.

Course length:5 days
Language:English

Intended audience

  • Database Administrators that are keen to learn how a hacker would view their database deployments
  • IT consultants who want to learn to perform in-depth security assessments
  • This course is not intended for misguided individuals who intend to use tools and techniques for criminal purposes
Prerequisities

Students should have a good understanding of

  • Oracle Databases
Table of contents
Oracle Security Information
  • Oracle Security related Websites (Where to find Exploits, Gossip....)
  • Books (Useful Oracle Security books)
  • Metalink Hacking (Find unknown/unpublished security bugs in Metalink)
  • Google Hacking of Oracle Technologies
  • Yahoo Hacking of Oracle Technologies
  • Analysing Oracle Security Patches
  • Where to buy unpublished Oracle Security Bugs
Security Basics
  • Secure Oracle Architecture (Client, Server, Application Server, Backup/Recovery...)
  • Oracle Security Features (Audit, Encryption, ASO, VPD, OLS...)
  • Encryption (Concepts, Network, Database...)
  • Privileges
  • Audit (Concept, what...)
  • Forensics
  • D.o.S. - Denial of Service (Concepts, TNS-Listener, database, database user, oid...)
  • Buffer Overflows (Concepts, Packages, SQL functions...)
  • SQL Injection (Concepts, Packages, Trigger, Webapplication...)
  • Cross Site Scripting (Concepts, How to use...)
  • Tools (Scripts, Oracle Security Scanner, Free and commercial software ...)
Database
  • Attack Scenarios
  • Overview Security Windows (Services, Patches...)
  • Overview Security Unix (X11, Services, Patches...)
  • File Permission (Common Issues, Become Root... )
  • Listener (TNS, MTS, XMLSDB, Exploits, Securing Listeners...)
  • Network Sniffing & Tracing (Ethereal/Wireshark, Tracing, ASO...)
  • Reading and stealing files (Export, archive, utl_file, dbms_lob...)
  • Creating Files ( utl_file, external tables, dbms_advisory, Java, ...)
  • Oracle Database Passwords (Brute Force Cracker, Password Algorithm, hashkeys...)
  • Other Oracle Passwords (modplsql, CMDSK, changing, decrypting...)
  • Execute OS commands (Java, Extproc, undocumented Procedures...)
  • Database Encryption (Decrypt Data, Steal encryption keys, Circumvent Encryption, sort_area_size, Reverse Engineering Key Algorithms)
  • PLSQL (Wrapping, Unwrapping PLSQL, Patching wrapped procedures, ...)
  • XMLDB (D.o.S, XSS, ...)
  • Backdoors (How to Implement, Find)
  • Become DBA (several ways to become DBA)
  • Components
    - HTMLDB
    - XMLDB
    - Enterprise Manager
    - Database Control / Grid Control
    - iSQLPlus
    - OID
  • Hardening Oracle Database (Approach, where to start, top-5-issues, Keep the database secure...)
Oracle Clients
  • Attack Scenarios
  • Passwords & Accounts (Handling, Roaming, Decryption, ...)
  • Client Startup Files
  • SQL Logging
  • Temp Files
  • Analysing various Oracle Clients
  • Using Windows PE / Knoppix (Create own Oracle Boot-CD)
  • Hardening Oracle Clients
Application Server
  • Attack Scenarios
  • Oracle HTTP Server (Apache)
  • Oracle Forms Server (SQL Injection, OS execution...)
  • Oracle Reports Server (SQL Injection, OS execution...)
  • Oracle Webcache
  • Oracle Portal (SQL Injection)
  • Hardening Oracle Application Server
Advanced Topics
  • Oracle Rootkits (Concepts, V1, V2,Create invisible users, modify packages, ...)
  • Oracle Viruses (Concepts)
  • Oracle Worms (Concept)
  • Oracle Forensincs
  • Hacking Oracle Database Vault
  • Hacking Transparent Data Encryption (TDE)
  • Oracle Phishing
  • Oracle Patch Modification
  • Using Matrixay for Webapps
  • Using Repscan


Dates:
May 18, 2008 - May 22, 2008 (Register for this date)
July 06, 2008 - July 10, 2008 (Register for this date)

Download course leaflet as a Adobe PDF file
For more information concerning this course, please contact courses@scanit.net.