Penetration Testing mailing list archives

RE: Oracle TNS Listener

From: "Chitresh Sen" <chitresh_sen () ftml net>
Date: Wed, 07 Sep 2005 02:31:20 -0700

Dear All,

By using tnscmd.pl, I can able to stop and crash the listener. 

I tested this on Oracle 8.1.5 (Windows), need to test on more versions
.... Also exploring more what else can be done on windows machine (able
to change log file) ... any comments ??? will expedite the process.

Regrds
Chitresh 

On Mon, 5 Sep 2005 18:08:18 -0700 (PDT), "magdelin tey"
<cruxiezzzzz () yahoo com> said:

here u go, I think it is this tool. I used it before to check for the
listener password, and at the end of the day, i managed to stop the
database. caused quite a havoc. :P
So, used at your own risk
 
Maggie

Michael Gargiullo <mgargiullo () pvtpt com> wrote: 
I have a tool written in Perl somewhere here to exploit this. Lemme dig
around a bit.

How much you can do with the listener depends on a few factors.

-Mike

-----Original Message-----
From: Chitresh Sen [mailto:chitresh_sen () ftml net] 
Sent: Thursday, September 01, 2005 9:41 PM
To: pen-test () securityfocus com
Subject: Oracle TNS Listener

Dear All,

Vulnerability: Oracle TNS listener without password;
Implication: Remote attacker can control the listener;

In order to test the above vulnerability I had done the following:

1. Installed the Oracle 9i client on my laptop
2. Copy the lsnrctl.exe from Oracle 8 server
3. Configured the listener.ora file as follows

LISTENER =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = JUNK)(PORT = 1521))
)
)

But I am unable to execute the commands on remote listener and getting
the following error.

LSNRCTL> status
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=JUNK)(PORT=152
1))(CONNECT_DATA=(SERVICE_NAME=chitresh)))
TNS-12538: TNS:no such protocol adapter
TNS-12560: TNS:protocol adapter error
TNS-00508: No such protocol adapter

TNS-12538: TNS:no such protocol adapter
TNS-12560: TNS:protocol adapter error
TNS-00508: No such protocol adapter

What can be the problem ? is it the version problem for lsnrctl.exe
because I was unable to get the Oracle 9i server lsnrctl.exe so I had
taken from oracle 8 server and copies all its dll and set the path to
execute it, or am I missing something.

Regards
Chitresh
-- 
Chitresh Sen
chitresh_sen () ftml net

-- 
http://www.fastmail.fm - The way an email service should be


------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on
your 
website. Up to 75% of cyber attacks are launched on shopping carts,
forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are 
futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before
hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts,
forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are 
futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before
hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

-- 
  Chitresh Sen
  chitresh_sen () ftml net

-- 
http://www.fastmail.fm - A no graphics, no pop-ups email service


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

Oracle TNS Listener Chitresh Sen (Sep 02)
- <Possible follow-ups>
- RE: Oracle TNS Listener Michael Gargiullo (Sep 05)
  - Re: Oracle TNS Listener Pete Finnigan (Sep 06)
- RE: Oracle TNS Listener Chitresh Sen (Sep 07)