ODBV3
17.09.2018

ODBV3 – more comfortable usage

It has been crazy few months – organizing POUG2018 took a lot of energy but it was satisfying as hell! 😀 This weekend I had some time to prepare a new version of ODBV for Trivadis Performance Days 2018 where I’ll be talking about the internals of database block storage. The series of articles about […]


Czytaj
SGADUMP
10.07.2018

Dumping SGA to read encrypted blocks

After my last article AMM vs security, Martin Berger wrote to me: well, even without AMM you can do it: write your own process which attaches to the same shm segments – and use its memory mapping (?) My response was that it is also possible with ASMM but AMM makes it extremely easy. And […]


Czytaj
AMM
18.05.2018

AMM vs security

Most of us already know that AMM sucks. But usually, we think about disadvantages of AMM in terms of performance. Let’s see why it sucks in the terms of security 😉 Let’s create an encrypted tablespace for HR.EMPLOYEES and protect HR schema with Database Vault. Now we will use dbca to configure a database for […]


Czytaj
RICO2 & BBED
14.02.2018

Project RICO2 and the history of APEX upgrade that went terribly wrong.

In my last blog post I explained a XOR alghorithm that is used to count Oracle database block checksum. I also wrote, that sometimes you are facing problems, that are unresolvable without a low-level knowledge. This is the story of this kind of situation. The story of misread documentation. The story of haste and hex. […]


Czytaj
GDB
28.01.2018

Oracle database block checksum XOR algorithm explained

Recently I’ve started to write my own clone of BBED to have something handy and useful in extreme cases when you have to go deep and fix stuff on low level (I have only like 2 such cases a year but each time it is really fun and a nice money 😉 ) When I’ll […]


Czytaj
ODBV
21.12.2017

ODBVv2 – ghostdata busters

Some time ago I wrote a simple tool to learn about Oracle data block internals – ODBV. The series of articles can be found here: http://blog.ora-600.pl/?s=odbv&submit= and the github repo is here: https://github.com/ora600pl/odbv This is not a production tool but during the last session in Birmingham at UKOUG_TECH17 – where I was doing a presentation […]


Czytaj
12c & external tables
10.02.2016

How to list files from directory using external table in 12c

I’ve wrote about privilege escalation with external tables in this post: http://blog.ora-600.pl/2014/12/23/simple-technics-of-privilege-escalation-part2-dbasysdba/ This time we will try to list all files within directory object, to which we have no EXECUTE privs. This is possible due to great new feature of database 12c that allows to use metacharacters to match multiple files in external table. I […]


Czytaj
SECURITY
11.10.2015

Secure your database (part 1)

I’ve already showed you, how to escalate privileges in Oracle Databases. http://blog.ora-600.pl/2013/04/02/privilege-escalation-in-oracle-11gr2-part1/ http://blog.ora-600.pl/2014/12/23/simple-technics-of-privilege-escalation-part2-dbasysdba/ The question is – how to secure your database, if you don’t have EE or possibility to buy Oracle Database Vault or Oracle Advanced Security. Well – there’s always a DBA creativity 😉 For example – if you want to secure the […]


Czytaj
[PL] Browar z Wyrocznią
04.09.2015

Jak smakuje Browar z Wyrocznią

I było tak, że 31 dnia miesiąca sierpnia roku 2015, spotkali się entuzjaści Wyroczni w posiadłości AVIVA. I było tak, że dzierżąc kufle – po brzegi browarem wypełnione – zasiadło wielu aby posłuchać kilku, którzy chcieli się przemyśleniami swoimi podzielić. I stało się tak, że admin przepijał do dewelopera a deweloper do admina i pospołu dyskusja toczyła się wartka a […]


Czytaj
1 2

Kontakt

Database Whisperers sp. z o. o. sp. k.
Al. Jerozolimskie 200
Wejście B, III piętro/ pokój 342
02-486 Warszawa
NIP: 5272744987
REGON:362524978
+48 508 943 051
+48 661 966 009
info@ora-600.pl

Newsletter zapisz się żeby być na bieżąco