Information System Security - Week 10: Oracle Vulnerabilities and Oracle Security Assessment


Information System Security

Outline
- Oracle Vulnerabilities
- Oracle Security Assessment

Ways to attack (diagram slide)

Outline
- Oracle Vulnerabilities
  - Users/Passwords
  - PL/SQL injection
  - Running System Commands
  - Other Vulnerabilities

Users/Passwords
- TNS protocol
- How does Oracle authenticate users?
- Vulnerabilities

TNS protocol (diagram slide)

TNS protocol (cont)
- The TNS Listener is the hub of all communications in Oracle.
- Information gathering can be done through TNS.
- Exchange shown: the Client sends Connect to the Listener, which answers with Accept or Redirect.

TNS protocol (cont) (diagram slide)

Authentication process (Client and Server)
1. Client: sends Username.
2. Server: sends AUTH_SESSKEY.
3. Client: decrypts AUTH_SESSKEY, encrypts the Password, generates a Secret Number, sends AUTH_PASSWORD.
4. Server: compares it with the password hash from the database. Authenticated.

How about Oracle 11g (Client and Server)
1. Client: sends Username.
2. Server: sends AUTH_SESSKEY and AUTH_VFR_DATA.
3. Client: decrypts AUTH_SESSKEY, generates its own AUTH_SESSKEY, combines the two AUTH_SESSKEYs, encrypts the Password, generates a Secret Number, sends AUTH_PASSWORD.
4. Server: compares it with the password hash from the database. Authenticated.

Vulnerabilities
- Crypto aspect: if we have the password hash, we can obtain the clear-text password.

Vulnerabilities (cont)
- Default usernames/passwords.
- Files containing passwords.
- Brute force.

PL/SQL Injection
- Introduction
- Procedures, functions
- Triggers
- VPD

Introduction
- PL/SQL is the programming language built into Oracle; it extends SQL.
- It can call external libraries (C or Java).
- It is used to create procedures, functions, triggers, ...

Introduction (cont)
- Execution privileges:
  - Definer privileges: the code runs with the "owner" rights.
  - Invoker privileges: keyword AUTHID CURRENT_USER.
- PL/SQL can be wrapped, so one works without the source; the DESCRIBE feature still reveals the signature.

Procedures
- Similar to SQL injection.
- PL/SQL injection can occur with a statement like this:

    SELECT * FROM table_name WHERE id = 'USER_INPUT'

  which the supplied input turns into:

    SELECT * FROM table_name WHERE id = 'XXX' UNION SELECT ...

Procedures (cont)
- Inject a function into the PL/SQL statement. Keyword: AUTONOMOUS_TRANSACTION.
- Take advantage of which rights (definer or invoker) the functions/procedures run with.
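As an added example (not from the slides), the concatenation pattern shown on the previous slide inside a definer-rights stored procedure, next to a hardened version that uses a bind variable and invoker rights. The table emp_data, its columns and the procedure names are assumptions.

```sql
-- Added example, not from the lecture: vulnerable and hardened forms of a
-- lookup procedure. emp_data(id, name) and the procedure names are assumed.

-- Vulnerable: the caller's input becomes part of the statement text, so a
-- value like  XXX' UNION SELECT ... --  changes the query, and because the
-- procedure uses definer rights the query runs with the owner's privileges.
CREATE OR REPLACE PROCEDURE get_record_unsafe (p_id IN VARCHAR2)
IS
  v_name VARCHAR2(100);
BEGIN
  EXECUTE IMMEDIATE
    'SELECT name FROM emp_data WHERE id = ''' || p_id || ''''
    INTO v_name;
  DBMS_OUTPUT.PUT_LINE(v_name);
END;
/

-- Hardened: the value travels as a bind variable (it can never be parsed as
-- SQL text), and AUTHID CURRENT_USER makes the statement run with the
-- caller's privileges rather than the owner's.
CREATE OR REPLACE PROCEDURE get_record_safe (p_id IN VARCHAR2)
AUTHID CURRENT_USER
IS
  v_name VARCHAR2(100);
BEGIN
  EXECUTE IMMEDIATE
    'SELECT name FROM emp_data WHERE id = :1'
    INTO v_name
    USING p_id;
  DBMS_OUTPUT.PUT_LINE(v_name);
END;
/
```

When a piece of the statement genuinely has to be dynamic (an object name, for instance), validate it with DBMS_ASSERT instead of concatenating it raw.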

Triggers
- Similar to procedure/function injection.
- Note: triggers run with definer rights.
- Some real-world examples: MDSYS.SDO_DROP_USER_BEFORE, MDSYS.SDO_GEOM_TRIG_INS1

VPD
- VPD is based on a policy function.
- It can be exploited through PL/SQL injection to drop the policy.
- Or exploited to grant the EXEMPT ACCESS POLICY privilege.
- Another way to defeat VPD is reading the raw data file: HARD.

Running System Commands
- Through PL/SQL
- Through Java
- Access File System
- Access Network

Through PL/SQL
- Use the msvcrt.dll library to execute a system command.
- Must have the CREATE LIBRARY privilege to register the library in Oracle.
- Newer versions of Oracle only accept libraries located in Oracle_home/bin.

Through PL/SQL (cont)

    -- register the C runtime as an Oracle library
    CREATE OR REPLACE LIBRARY exec_shell AS 'C:\winnt\system32\msvcrt.dll';
    /
    -- map the library's system() function onto a PL/SQL procedure
    CREATE OR REPLACE PROCEDURE oraexec (cmdstring IN CHAR)
    IS EXTERNAL
    NAME "system"
    LIBRARY exec_shell
    LANGUAGE C;
    /
    EXEC ORAEXEC('NET USER MYACCOUNT PASSWORD /ADD');

Through Java
- Does not need the CREATE LIBRARY privilege.
- Requires the Java permissions: execute on all files, write file descriptor, read file descriptor.

Through Java (cont)

    CREATE OR REPLACE AND RESOLVE JAVA SOURCE NAMED "JAVACMD" AS
    import java.lang.*;
    import java.io.*;

    public class JAVACMD
    {
      // runs the given command through the JVM embedded in the database
      public static void execCommand (String command) throws IOException
      {
        Runtime.getRuntime().exec(command);
      }
    };
    /

Other ways
- Using the DBMS Scheduler.
- Using the Job Scheduler.
- Using the ALTER SYSTEM statement.

Access File System
- Use the UTL_FILE package.
- Need the privilege to access a DIRECTORY object, or to create a new one.
- Using Java is similar to running an OS command; it needs read and write permission.

Access Network
- Use UTL_TCP or UTL_HTTP.
- Create a connection to a remote host and transfer data.

Other Vulnerabilities
- System configuration parameters: O7_DICTIONARY_ACCESSIBILITY, remote_os_authent, dblink_encrypt_login, ...
- TNS protocol settings
- Application vulnerabilities

Other Vulnerabilities
- Session attack
- Access control bypass in login

Outline
- Oracle Vulnerabilities
- Oracle Security Assessment

Oracle Assessment
- Vulnerability scanning
- Penetration testing

Vulnerability scanning
- Look for evidence of:
  - vulnerable software versions
  - presence or lack of patches
  - misconfiguration

Vulnerability assessment tool
- Secure Oracle Auditor (SOA)

Penetration test
- A penetration test (pentest) is a method of evaluating the security of a computer system or network by simulating an attack from a malicious source.

Penetration test
- Stages:
  - Scope/goal definition
  - Information gathering
  - Vulnerability detection
  - Information analysis and planning
  - Attack and penetration / privilege escalation
  - Result analysis and reporting
  - Cleanup

Information gathering
- Footprinting: the first and most convenient way that hackers use to gather information. It includes the internet, remote access, extranets, ...
- Example: whois hvaonline.net

Example (screenshot slide)

Attack
- SQL script (screenshot slide)

Vulnerability assessment tools
- AppDetectivePro for Oracle
- Metasploit

Database services countermeasures
- Remove default accounts, assign strong passwords to existing accounts, and enable the audit facility for failed logins.
- Keep the databases patched.
- Reduce the privileges of PUBLIC, keep privileges to a minimum, and audit access to critical tables and views.

Summary
- Vulnerabilities usually arise from granting inappropriate privileges:
  - CREATE ANY PROCEDURE
  - CREATE ANY TRIGGER
  - CREATE ANY VIEW
  - GRANT something TO PUBLIC
  - ...
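As an added example (not from the slides), a set of data-dictionary queries a DBA can run to find the grants this summary warns about, the PUBLIC access to the packages named under Running System Commands and Access File System / Network, the Java permissions the Java route depends on, and the parameters listed under Other Vulnerabilities. All views are standard Oracle dictionary views; DBA_USERS_WITH_DEFPWD exists from 11g onward, and the parameter dblink_encrypt_login is omitted because it is not present in current releases.

```sql
-- Added example, not from the lecture: privilege and configuration review
-- queries. Run as a DBA. Every view is a standard Oracle dictionary view.

-- 1. Who holds the "ANY" privileges, the library privileges behind the
--    msvcrt.dll route, or EXEMPT ACCESS POLICY (which bypasses VPD)?
SELECT grantee, privilege, admin_option
  FROM dba_sys_privs
 WHERE privilege IN ('CREATE ANY PROCEDURE', 'CREATE ANY TRIGGER',
                     'CREATE ANY VIEW', 'CREATE LIBRARY',
                     'CREATE ANY LIBRARY', 'EXEMPT ACCESS POLICY')
 ORDER BY privilege, grantee;

-- 2. File, network and scheduler packages reachable by every account via
--    PUBLIC; each row is a candidate for REVOKE ... FROM PUBLIC.
SELECT table_name, privilege
  FROM dba_tab_privs
 WHERE grantee = 'PUBLIC'
   AND table_name IN ('UTL_FILE', 'UTL_TCP', 'UTL_HTTP', 'DBMS_SCHEDULER')
 ORDER BY table_name;

-- 3. Java permissions that the Java command-execution route requires
--    (file read/write/execute and process execution).
SELECT grantee, type_name, name, action
  FROM dba_java_policy
 WHERE kind = 'GRANT'
   AND type_name IN ('java.io.FilePermission', 'java.lang.RuntimePermission')
 ORDER BY grantee;

-- 4. Default accounts that are still open with their default password
--    (DBA_USERS_WITH_DEFPWD is available from 11g).
SELECT u.username, u.account_status
  FROM dba_users u
  JOIN dba_users_with_defpwd d ON d.username = u.username
 WHERE u.account_status = 'OPEN';

-- 5. Initialization parameters named under Other Vulnerabilities.
SELECT name, value
  FROM v$parameter
 WHERE name IN ('o7_dictionary_accessibility', 'remote_os_authent');

-- Typical remediation for findings from query 2 (example statements):
-- REVOKE EXECUTE ON utl_tcp  FROM PUBLIC;
-- REVOKE EXECUTE ON utl_http FROM PUBLIC;
```

Grant EXECUTE on the revoked packages back to the specific schemas that need them, then re-run query 2 to confirm PUBLIC no longer appears.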

References
- Oracle Hacker's Handbook
- Database Hacker's Handbook
- ticle_id=512
