QEMU HACK
02.10.2022

How to change root password of running VM

You may already read my articles about virtualization/cloud security: In the above articles I was impersonating an evil cloud administrator and showing you how this kind of person can access and modify even encrypted data. We will continue this fun, but this time you may also use this trick when you forget root password in […]


Read more
KVM + TTE + VMI
15.04.2021

KVM – how to read encrypted Oracle Database blocks from Virtual Machine memory

Remember my post, regarding dumping the SGA to read encrypted blocks? What if I tell you, that you can do the same, while being a KVM host administrator with no credentials to a VM itself? Let’s prepare our secure database in a way I did in article AMM vs security. After enabling Oracle Wallet and […]


Read more
KVM
30.03.2021

Cloud/KVM/VDSM/SRIOV/WTF security…

So apparently this cloud-thing is here for good. You may even say that it became endemic 😉 With cloud there is one potential problem – the bigger and heavier it is, the more possible is the leak. Cloud after all is just a virtualization in a big scale and if you go to public cloud […]


Read more
ODBV3
17.09.2018

ODBV3 – more comfortable usage

It has been crazy few months – organizing POUG2018 took a lot of energy but it was satisfying as hell! 😀 This weekend I had some time to prepare a new version of ODBV for Trivadis Performance Days 2018 where I’ll be talking about the internals of database block storage. The series of articles about […]


Read more
SGADUMP
10.07.2018

Dumping SGA to read encrypted blocks

After my last article AMM vs security, Martin Berger wrote to me: well, even without AMM you can do it: write your own process which attaches to the same shm segments – and use its memory mapping (?) My response was that it is also possible with ASMM but AMM makes it extremely easy. And […]


Read more
AMM
18.05.2018

AMM vs security

Most of us already know that AMM sucks. But usually, we think about disadvantages of AMM in terms of performance. Let’s see why it sucks in the terms of security 😉 Let’s create an encrypted tablespace for HR.EMPLOYEES and protect HR schema with Database Vault. Contents of sqlnet.ora Now we will use dbca to configure […]


Read more
RICO2 & BBED
14.02.2018

Project RICO2 and the history of APEX upgrade that went terribly wrong.

In my last blog post I explained a XOR alghorithm that is used to count Oracle database block checksum. I also wrote, that sometimes you are facing problems, that are unresolvable without a low-level knowledge. This is the story of this kind of situation. The story of misread documentation. The story of haste and hex. […]


Read more
GDB
28.01.2018

Oracle database block checksum XOR algorithm explained

Recently I’ve started to write my own clone of BBED to have something handy and useful in extreme cases when you have to go deep and fix stuff on low level (I have only like 2 such cases a year but each time it is really fun and a nice money 😉 ) When I’ll […]


Read more
ODBV
21.12.2017

ODBVv2 – ghostdata busters

Some time ago I wrote a simple tool to learn about Oracle data block internals – ODBV. The series of articles can be found here: https://blog.ora-600.pl/?s=odbv&submit= and the github repo is here: https://github.com/ora600pl/odbv This is not a production tool but during the last session in Birmingham at UKOUG_TECH17 – where I was doing a presentation […]


Read more
12c & external tables
10.02.2016

How to list files from directory using external table in 12c

I’ve wrote about privilege escalation with external tables in this post: https://blog.ora-600.pl/2014/12/23/simple-technics-of-privilege-escalation-part2-dbasysdba/ This time we will try to list all files within directory object, to which we have no EXECUTE privs. This is possible due to great new feature of database 12c that allows to use metacharacters to match multiple files in external table. I […]


Read more
SECURITY
11.10.2015

Secure your database (part 1)

I’ve already showed you, how to escalate privileges in Oracle Databases. https://blog.ora-600.pl/2013/04/02/privilege-escalation-in-oracle-11gr2-part1/ https://blog.ora-600.pl/2014/12/23/simple-technics-of-privilege-escalation-part2-dbasysdba/ The question is – how to secure your database, if you don’t have EE or possibility to buy Oracle Database Vault or Oracle Advanced Security. Well – there’s always a DBA creativity 😉 For example – if you want to secure the […]


Read more
[PL] Browar z Wyrocznią
04.09.2015

Jak smakuje Browar z Wyrocznią

I było tak, że 31 dnia miesiąca sierpnia roku 2015, spotkali się entuzjaści Wyroczni w posiadłości AVIVA. I było tak, że dzierżąc kufle – po brzegi browarem wypełnione – zasiadło wielu aby posłuchać kilku, którzy chcieli się przemyśleniami swoimi podzielić. I stało się tak, że admin przepijał do dewelopera a deweloper do admina i pospołu dyskusja toczyła się wartka a […]


Read more
1 2

Contact us

Database Whisperers sp. z o. o. sp. k.
al. Jerozolimskie 200, 3rd floor, room 342
02-486 Warszawa
NIP: 5272744987
REGON:362524978
+48 508 943 051
+48 661 966 009
info@ora-600.pl

Newsletter Sign up to be updated