title

Abusing Oracle's CREATE DATABASE LINK privilege for fun and profit! | NotSoSecure

charset

utf-8

google-site-verification

TPZ6OuPmijmkU03H4oYRwq-3Rm351vVjiht-_rHXuQ4

msvalidate.01

21E2E81A8EF6FC0C9F7641AF99D113C9

viewport

width=device-width, initial-scale=1.0, user-scalable=yes

og:site_name

NotSoSecure

og:type

article

og:url

/abusing-oracles-create-database-link-privilege-fun-and-profit

og:title

Abusing Oracle's CREATE DATABASE LINK privilege for fun and profit!

og:description

Oracle database (like any other database) offers functionality to create a database link via which you can connect to a remote database. You can then run a SQL Query on the remote database and get the results. This is exactly like the Openrowset/Openquery feature of MS-SQL.CREATE DATABASE LINK local CONNECT TO USERNAME IDENTIFIED BY PASSWORD USING 'ORCL_SID' NetSpi did a good job at documenting how to abuse MS-SQL openquery feature. During a recent pentest, we came across a SQLi in a web application which talks to Oracle database 11g R2.

twitter:card

summary

twitter:url

/abusing-oracles-create-database-link-privilege-fun-and-profit

twitter:title

Abusing Oracle's CREATE DATABASE LINK privilege for fun and profit!

twitter:description

Oracle database (like any other database) offers functionality to create a database link via which you can connect to a remote database. You can then run a SQL Query on the remote database and get

twitter:image

/sites/all/assets/nss/Abusing%20Oracles%20CREATE%20DATABASE%20LINK%20privilege%20for%20fun%20and%20profit%21.jpg

canonical

/abusing-oracles-create-database-link-privilege-fun-and-profit

image_src

/sites/all/assets/nss/Abusing%20Oracles%20CREATE%20DATABASE%20LINK%20privilege%20for%20fun%20and%20profit%21.jpg

shortcut icon

/sites/all/assets/nss/nss-favicon.ico

shortlink

/node/4269

stylesheet

/sites/all/assets/nss/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css