less than 1 minute read

Nmap

nmap -p 1521 -A $ip

nmap -n -v -sV -Pn -p 1521 –script=oracle-enum-users –script-args sid=ORCL,userdb=users.txt $ip

nmap --script "oracle-tns-version" -p 1521 -T4 -sV <IP>
# TNS listener version

nmap --script=oracle-sid-brute $ip
nmap  -n -v -sV -Pn -p 1521 --script=oracle-brute $ip
# Brute-Force Account

oscanner

oscanner -s $ip -P 1521

tnscmd10g

A tool to prod the oracle tnslsnr process

tnscmd10g version -h 192.168.1.101
tnscmd10g status -h 192.168.1.101

TNS listener commands

Command Purpose
ping Check if the listener is active.
version Display listener version and platform information.
status Show current listener status and configuration variables.
services Dump current service data handled by the listener.
debug Output debugging information to the listener log.
reload Reload the listener configuration file.
save_config Save the current configuration to a backup file.
stop Shut down the listener process.

Brute Force

if listener is password protected

hydra -P rockyou.txt -t 32 -s 1521 host.victim oracle-listener

Enumeration tool

Odat - Oracle Database Attacking Tool

You May Also Enjoy

Linux

less than 1 minute read