infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

cleaned up name and description. 

git-svn-id: file:///home/svn/framework3/trunk@7713 4d416f70-5f16-0410-b530-b9f4589650da
unstable
Mario Ceballos 2009-12-05 14:14:23 +00:00
parent 12e8c97a97
commit b731291878
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
modules/auxiliary/admin/oracle/ora_ntlm_stealer.rb
View File

@ -13,15 +13,15 @@ class Metasploit3 < Msf::Auxiliary
def initialize(info = {})
super(update_info(info,
'Name' => 'Owning Windows server using Oracle database unpivileged user.',
'Name' => 'Oracle SMB Relay Code Execution',
'Description' => %q{
This module will help you to get Administrator access to OS using unprivileged
Oracle database user (you need only CONNECT and RESOURCE privileges)
To do this you must firstly run smb_sniffer of smb_relay module on your sever.
This module will help you to get Administrator access to OS using an unprivileged
Oracle database user (you need only CONNECT and RESOURCE privileges).
To do this you must firstly run smb_sniffer or smb_relay module on your sever.
Then you must connect to Oracle database and run this module Ora_NTLM_stealer.rb
which will connect to your SMB sever with credentials of Oracle RDBMS.
So if smb_relay is working you will get Administrators access to server which runs
Oracle of not than you can decrypt HALFLM hash.
So if smb_relay is working, you will Administrator access to server which runs
Oracle. If not than you can decrypt HALFLM hash.
},
'Author' => [ 'Sh2kerr <research[ad]dsecrg.com>' ],
'License' => MSF_LICENSE,