Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: oracle VA/PT

From: Michael Gargiullo <mgargiullo () pvtpt com>
Date: Fri, 30 Sep 2005 09:26:37 -0400
Maybe because the default listener port is 1521?


True, but he said it was a default install, and the nessus plugin
usually will find it no matter what port.

There's also App Detective, which looks promising, but $$$.

-----Original Message-----
From: Joshua Wright [mailto:jwright () hasborg com] 
Sent: Wednesday, September 28, 2005 7:53 AM
To: Michael Gargiullo
Cc: pen-test () securityfocus com
Subject: Re: oracle VA/PT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Michael Gargiullo wrote:

I find it strange that nessus didn't even see an open port on 1421.


Maybe because the default listener port is 1521?


There are a butt-load of Oracle plugins for nessus. More then 7 of

them

are for remote shells.


For Oracle VA scanning, I've had good experiences with the NGS SQuirreL
product from NGSSoftware (http://www.ngssoftware.com/squirrelsql.htm).

A free trial is available to test it out.

- -Josh
- --
- -Joshua Wright
jwright () hasborg com

2005-2006 pgpkey: http://802.11ninja.net/pgpkey.htm
fingerprint: F00E 7A42 8375 0C55 964F E5A4 4D2F 22F6 3658 A4BF

Today I stumbled across the world's largest hotspot.  The SSID is
"linksys".
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)

iD8DBQFDOoQtTS8i9jZYpL8RAjGyAKCRU7bODbC7joNE44vcfZnioYmeqACeItys
dhBfcxIcPC/PH6wmJWKl0Xs=
=wJSI
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on
your 
website. Up to 75% of cyber attacks are launched on shopping carts,
forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are 
futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before
hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: