Schrödinger's Backup
23.12.2022

Blockrecover in Standard Edition? Nope, but close enough.

Halloween started really scary this year – some company called us and said, that they have some problems with their Oracle Database Standard Edition. Apparently they had a storage crash six months before, which caused some blocks to get corrupted and from that time no one has noticed that RMAN is not producing any backups. […]


Read more
QEMU HACK
02.10.2022

How to change root password of running VM

You may already read my articles about virtualization/cloud security: In the above articles I was impersonating an evil cloud administrator and showing you how this kind of person can access and modify even encrypted data. We will continue this fun, but this time you may also use this trick when you forget root password in […]


Read more
RSS
19.05.2022

RSS memory, Oracle and Hugepages

Recently a customer called us that there is something wrong after upgrading Oracle Database to 19.15 on RedHat. Apparently The amount of RAM consumed by DBWR and process servers became really impressive – as a proof I got screenshots looking like this: They said that before the migration it never looked like this and asked […]


Read more
13.05.2022

ORACLE RAC 21C: RESTORE OCR AND VOTEDISK

Six years ago I wrote a short instruction on how to restore OCR and Votedisk in RAC 12c after a diskgroup failure. Yesterday I had a possibility of validating my procedure in 21c RAC environment and it has occurred that it is a bit more complicated. Who would have thought? 21 is just 12 backwards! […]


Read more
clouds are ephemeral and often leak
14.02.2022

Attacking encrypted blocks by cloud admin

So you have migrated your databases to cloud and you want to feel a bit more secure – what do you do? Of course you follow the golden rule and you encrypt you tablespaces. That’s reasonable and that’s what vendor recommends. All databases created in Oracle Cloud Infrastructure are encrypted using transparent data encryption (TDE). […]


Read more
Rust
07.05.2021

Rust as Oracle External Procedure

Inspired by a little chat with Frits Hoogland about the future of programming languages I challenged myself to learn a bit of Rust and show how to create a shared library to send emails and attach it to Oracle as an external procedure (just as I did with GoLang here: https://blog.ora-600.pl/2021/05/04/golang-as-oracle-external-procedure/) The steps are actually […]


Read more
GO
04.05.2021

GoLang as Oracle external procedure

This short article is a result of the following Twitter activity: So let’s do it! First of all, you have to install GoLang: https://golang.org/doc/install Once this is done, we can create a Go program to send emails. We will use "gopkg.in/mail.v2″ to make it simple. Below you can find a simple GoLang code to send […]


Read more
KVM + TTE + VMI
15.04.2021

KVM – how to read encrypted Oracle Database blocks from Virtual Machine memory

Remember my post, regarding dumping the SGA to read encrypted blocks? What if I tell you, that you can do the same, while being a KVM host administrator with no credentials to a VM itself? Let’s prepare our secure database in a way I did in article AMM vs security. After enabling Oracle Wallet and […]


Read more
KVM VMI
10.04.2021

VMI vs Security – careful what you type in a terminal

In my previous article I described a few technics of accessing a guest virtual machine from the virtualization host (KVM) without any credentials. It assumed that our data can get compromised by a corrupted vendor employee. After publishing it I had a few talks with my colleagues and have to explain one thing – the […]


Read more
1 2 3 4 13

Contact us

Database Whisperers sp. z o. o. sp. k.
al. Jerozolimskie 200, 3rd floor, room 342
02-486 Warszawa
NIP: 5272744987
REGON:362524978
+48 508 943 051
+48 661 966 009
info@ora-600.pl

Newsletter Sign up to be updated