Metasploit mailing list archives
Simple patch for oracle SID enum
From: naplanetu at gmail.com (Taras P. Ivashchenko)
Date: Sat, 07 Mar 2009 14:09:12 +0300
Hello, list! In original version oracle_sid doesn't work correctly with INSTANCE_NAME and SERVICE_NAME values with dots (e.g. when SID == db.test.com). --- oracle_sid.rb.old 2009-03-07 13:56:43.000000000 +0300 +++ oracle_sid.rb 2009-03-07 14:05:15.000000000 +0300 @@ -53,14 +53,14 @@ else - sid = data.scan(/INSTANCE_NAME=(\w+)/) + sid = data.scan(/INSTANCE_NAME=([^\)]+)/) sid.uniq.each do |s| print_status("Identified SID for #{rhost}: #{s}") end end - service_name = data.scan(/SERVICE_NAME=(\w+)/) + service_name = data.scan(/SERVICE_NAME=([^\)]+)/) service_name.each do |s| print_status("Identified SERVICE_NAME for #{rhost}: #{s}") -- ????? ???????? (Taras Ivashchenko), OSCP www.securityaudit.ru ---- "Software is like sex: it's better when it's free." - Linus Torvalds -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090307/f06df3f0/attachment.pgp>
Current thread:
- Simple patch for oracle SID enum Taras P. Ivashchenko (Mar 07)