Nmap Development mailing list archives

Re: oracle-sid-brute.nse


From: Patrik Karlsson <patrik () cqure net>
Date: Mon, 14 Dec 2009 12:14:09 +0100


On 14 dec 2009, at 04.38, David Fifield wrote:

> On Sat, Dec 12, 2009 at 11:27:21AM +0100, Patrik Karlsson wrote:
>
> > I have created a script that attempts to guess valid Oracle instance
> > names by using a dictionary. It can be run with an argument specifying
> > the dictionary to use or using the default dictionary (supplied in the
> > zip).
> >
> > As always, any pointers on improvement, comments and suggestions are
> > most welcome. The zip-archive containing the script and default
> > dictionary file can be downloaded on my blog:
>
> This looks good. Do we (the Nmap project) have permission to distribute
> the SIDs list, which as you write on your web page, comes from
> http://www.red-database-security.com/scripts/sid.txt?
>
> Instead of using a file_exists function to check for the SIDs database,
> you can just open the file with io.open and then iterate over the lines
> with the lines method of the file object.
>
> http://www.lua.org/manual/5.1/manual.html#pdf-file:lines
>
> (As opposed to using io.lines, which both opens the file and creates an
> iterator.)
>
> About how long does the script take to run against a single host?
>
> David Fifield


The author gave the Nmap project the permission to redistribute the list and even sent me an updated version. I have made the corrections that you propose and removed the file_exists function completely.

The list now contains 732 entries and takes roughly 1.20 seconds to run against a single Oracle 11G host.
I have created a new zip-archive with both the script and the dictionary and posted it here:
http://www.cqure.net/tools/nse/oracle-sid-brute.zip

//Patrik


--
Patrik Karlsson
http://www.cqure.net
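The pattern David recommends, written out as an added example in plain Lua 5.1 (this is not the oracle-sid-brute.nse code from the thread, and it does not show the actual probing of the Oracle listener). The dictionary is opened with io.open and read with the file object's lines method; a failed open replaces the separate file_exists check, because io.open already returns nil plus an error message in that case. The file name and contents are constructed here so the snippet runs offline; in an NSE script the path would normally be resolved with nmap.fetchfile before the open.

```lua
-- Added example, not the script from the mailing-list thread.
-- Reads a SID dictionary with io.open + file:lines() and treats a failed
-- open as the "file does not exist" case that file_exists used to detect.

local function load_sids(path)
  local f, err = io.open(path, "r")
  if not f then
    -- io.open returns nil, message on failure; no separate existence check needed
    return nil, ("failed to open SID dictionary %s: %s"):format(path, err)
  end

  local sids, seen = {}, {}
  for line in f:lines() do
    -- strip surrounding whitespace, including a trailing CR from DOS-style files
    local sid = line:match("^%s*(.-)%s*$")
    -- skip blank lines and '#' comments; SIDs are matched case-insensitively,
    -- so dedupe on the upper-cased form to avoid probing the same name twice
    if sid ~= "" and sid:sub(1, 1) ~= "#" then
      local key = sid:upper()
      if not seen[key] then
        seen[key] = true
        sids[#sids + 1] = sid
      end
    end
  end
  f:close()
  return sids
end

-- Constructed sample dictionary (assumed content, written to a temp file so
-- the example is self-contained).
local path = os.tmpname()
local w = assert(io.open(path, "w"))
w:write("# sample SID list\nORCL\nXE\n orcl \r\nTEST\n\nXE\n")
w:close()

local sids, err = load_sids(path)
assert(sids, err)
assert(#sids == 3, "expected ORCL, XE, TEST after trimming and dedupe")
for _, sid in ipairs(sids) do print(sid) end

-- The missing-file case the removed file_exists function was guarding:
local missing, msg = load_sids("/nonexistent/sid.txt")
assert(missing == nil and msg:find("failed to open", 1, true))
os.remove(path)
```

Returning nil plus a message, rather than raising, lets the calling script report "dictionary not found" as a normal script result instead of aborting the run, which matters when a user passes a wrong path through a script argument.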




_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

