How checkpoint queue actually works (the basic scenario)

This article is true for Oracle 19.19 and 19.23 on ARM. On x86_64 there’s something funny going on with location of the buffer address in the private memory (finding appropriate register at kcbklbc call)- I need a bit more time to compare those two compilations, but the idea is the same 🙂 During my journey […]

Read more

[SOLVED!] ORA-39405: Oracle Data Pump does not support importing from a source database with TSTZ

This is a pain in the ass. You try to import something from a newer database and you hit the error that your timestamp is not good enough! Even tho you have no timestamp datatypes in the dump… The whole case was covered by Mike Dietrich: Let me show you my – a little bit […]

Read more

Binary patching/hacking VM process

We are continuing our journey as an evil KVM administrator who wants to mess with a tenants virtual machines. This time we will modify a binary execution code path by changing machine code opcodes in a running process! Let’s image a simple C program, that looks like this: This short code will show "You are […]

Read more

Last resort data recovery

Shit happens. We had recently another customer who can relate to that absolute truth – after a serious storage problem, they managed to restore only data files from one mount point. In theory they were lucky because it was mount point with actual data tablespaces… but they didn’t have any SYSTEM datafiles. It’s like having […]

Read more
hacking DBWR

Hacking database writer

So we continue our journey to understand the nature of buffer cache and forcing DBWR process to write our changes to disk. If you want to follow this thread – you should get familiar with at least those blog posts: Until now we have established, that DBWR will write to disk a database block changed […]

Read more

Flashback query and cursor: pin S wait on X

Check out those charts: During my last performance tuning audit I found out that database is consuming big amounts of CPU on parsing. One of the queries that took significant amount of time was rather a small DELETE looking something like this: Funny story tho – the table is usually empty but during the hot […]

Read more
Schrödinger's Backup

Blockrecover in Standard Edition? Nope, but close enough.

Halloween started really scary this year – some company called us and said, that they have some problems with their Oracle Database Standard Edition. Apparently they had a storage crash six months before, which caused some blocks to get corrupted and from that time no one has noticed that RMAN is not producing any backups. […]

Read more

How to change root password of running VM

You may already read my articles about virtualization/cloud security: In the above articles I was impersonating an evil cloud administrator and showing you how this kind of person can access and modify even encrypted data. We will continue this fun, but this time you may also use this trick when you forget root password in […]

Read more

RSS memory, Oracle and Hugepages

Recently a customer called us that there is something wrong after upgrading Oracle Database to 19.15 on RedHat. Apparently The amount of RAM consumed by DBWR and process servers became really impressive – as a proof I got screenshots looking like this: They said that before the migration it never looked like this and asked […]

Read more


Six years ago I wrote a short instruction on how to restore OCR and Votedisk in RAC 12c after a diskgroup failure. Yesterday I had a possibility of validating my procedure in 21c RAC environment and it has occurred that it is a bit more complicated. Who would have thought? 21 is just 12 backwards! […]

Read more
clouds are ephemeral and often leak

Attacking encrypted blocks by cloud admin

So you have migrated your databases to cloud and you want to feel a bit more secure – what do you do? Of course you follow the golden rule and you encrypt you tablespaces. That’s reasonable and that’s what vendor recommends. All databases created in Oracle Cloud Infrastructure are encrypted using transparent data encryption (TDE). […]

Read more

Rust as Oracle External Procedure

Inspired by a little chat with Frits Hoogland about the future of programming languages I challenged myself to learn a bit of Rust and show how to create a shared library to send emails and attach it to Oracle as an external procedure (just as I did with GoLang here: The steps are actually […]

Read more

GoLang as Oracle external procedure

This short article is a result of the following Twitter activity: So let’s do it! First of all, you have to install GoLang: Once this is done, we can create a Go program to send emails. We will use "″ to make it simple. Below you can find a simple GoLang code to send […]

Read more

KVM – how to read encrypted Oracle Database blocks from Virtual Machine memory

Remember my post, regarding dumping the SGA to read encrypted blocks? What if I tell you, that you can do the same, while being a KVM host administrator with no credentials to a VM itself? Let’s prepare our secure database in a way I did in article AMM vs security. After enabling Oracle Wallet and […]

Read more

VMI vs Security – careful what you type in a terminal

In my previous article I described a few technics of accessing a guest virtual machine from the virtualization host (KVM) without any credentials. It assumed that our data can get compromised by a corrupted vendor employee. After publishing it I had a few talks with my colleagues and have to explain one thing – the […]

Read more
1 2 3 8

Contact us

Database Whisperers sp. z o. o. sp. k.
al. Jerozolimskie 200, 3rd floor, room 342
02-486 Warszawa
NIP: 5272744987
+48 508 943 051
+48 661 966 009

Newsletter Sign up to be updated