思维导图备注

The Oracle Hacker's Handbook_ H - David Litchfield
首页 收藏书籍 阅读记录
  • 书签 我的书签
  • 添加书签 添加书签 移除书签 移除书签

CHAPTER 7 - Indirect Privilege Escalation

浏览 18 扫码
  • 小字体
  • 中字体
  • 大字体
2022-02-24 02:37:59
请 登录 再阅读
上一篇:
下一篇:
  • 书签
  • 添加书签 移除书签
  • Title Page
  • Copyright Page
  • Dedication
  • About the Author
  • Credits
  • Acknowledgements
  • Introduction
  • CHAPTER 1 - Overview of the Oracle RDBMS
    • Architecture
    • Processes
    • The File System
    • The Network
    • Oracle Patching
    • Wrapping Up
  • CHAPTER 2 - The Oracle Network Architecture
    • The TNS Protocol
    • Getting the Oracle Version
    • Wrapping Up
  • CHAPTER 3 - Attacking the TNS Listener and Dispatchers
    • Attacking the TNS Listener
    • The Aurora GIOP Server
    • The XML Database
    • Wrapping Up
  • CHAPTER 4 - Attacking the Authentication Process
    • How Authentication Works
    • Attacks Against the Crypto Aspects
    • Default Usernames and Passwords
    • Account Enumeration and Brute Force
    • Wrapping Up
  • CHAPTER 5 - Oracle and PL/SQL PL/SQL
    • What Is PL/SQL?
    • PL/SQL Execution Privileges
    • Wrapped PL/SQL
    • PL/SQL Injection
    • Investigating Flaws
    • Direct SQL Execution Flaws
    • PL/SQL Race Conditions
    • Auditing PL/SQL Code
    • The DBMS_ASSERT Package
    • Some Real-World Examples
    • Wrapping Up
  • CHAPTER 6 - Triggers
    • Trigger Happy: Exploiting Triggers for Fun and Profit
    • Examples of Exploiting Triggers
    • Wrapping Up
  • CHAPTER 7 - Indirect Privilege Escalation
    • A Hop, a Step, and a Jump: Getting DBA Privileges Indirectly
    • Wrapping Up
  • CHAPTER 8 - Defeating Virtual Private Databases
    • Tricking Oracle into Dropping a Policy
    • Defeating VPDs with Raw File Access
    • General Privileges
    • Wrapping Up
  • CHAPTER 9 - Attacking OraclePL/SQL Web Applications
    • Oracle PL/SQL Gateway Architecture
    • Recognizing the Oracle PL/SQL Gateway
    • Verifying the Existence of the Oracle PL/SQL Gateway
    • Attacking the PL/SQL Gateway
    • Wrapping Up
  • CHAPTER 10 - Running Operating System Commands
    • Running OS Commands through PL/SQL
    • Running OS Commands through Java
    • Running OS Commands Using DBMS_SCHEDULER
    • Running OS Commands Directly with the Job Scheduler
    • Running OS Commands Using ALTER SYSTEM
    • Wrapping Up
  • CHAPTER 11 - Accessing the File System
    • Accessing the File System Using the UTL_FILE Package
    • Accessing the File System Using Java
    • Accessing Binary Files
    • Exploring Operating System Environment Variables
    • Wrapping Up
  • CHAPTER 12 - Accessing the Network the Network
    • Data Exfiltration
    • Encrypting Data Prior to Exfiltrating
    • Attacking Other Systems on the Network
    • Java and the Network
    • Database Links
    • Wrapping Up
  • APPENDIX A - Default Usernames and Passwords
  • Index
暂无相关搜索结果!
    展开/收起文章目录

    二维码

    手机扫一扫,轻松掌上学

    《The Oracle Hacker's Handbook_ H - David Litchfield》电子书下载

    请下载您需要的格式的电子书,随时随地,享受学习的乐趣!
    EPUB 电子书

    书签列表

      阅读记录

      阅读进度: 0.00% ( 0/0 ) 重置阅读进度