xdxdxd123

Untitled

May 22nd, 2017
Yahoo Hacking of Oracle Technologies V1.00
© 2005 by Red-Database-Security GmbH

This document contains information on how to find Oracle technologies with Yahoo.
It uses search strings similar to those in the document “Google Hacking of Oracle Technologies”.
This document is not static. Check for updates regularly.
History: V1.00 - Initial release

Database Logins
iSQL*Plus is the web version of SQL*Plus, the default user interface for the Oracle database.

iSQL*Plus
http://search.yahoo.com/search?p=intitle%3AiSQL+intitle%3ARelease+inurl%3Aisqlplus&ei=UTF-8&n=10&fl=0&x=wrt
iSQL*Plus 9.1
http://search.yahoo.com/search?p=intitle%3AiSQL+intitle%3ARelease+inurl%3Aisqlplus+intitle%3A9.0.1&ei=UTF-8&n=10&fl=0&x=wrt
iSQL*Plus 9.2
http://search.yahoo.com/search?p=intitle%3AiSQL+intitle%3ARelease+inurl%3Aisqlplus+intitle%3A9.2&ei=UTF-8&n=10&fl=0&x=wrt
iSQL*Plus 9.2.0.1
http://search.yahoo.com/search?p=intitle%3AiSQL+intitle%3ARelease+inurl%3Aisqlplus+intitle%3A9.2.0.1&ei=UTF-8&n=10&fl=0&x=wrt
iSQL*Plus 9.2.0.2
http://search.yahoo.com/search?p=intitle%3AiSQL+intitle%3ARelease+inurl%3Aisqlplus+intitle%3A9.2.0.2&ei=UTF-8&n=10&fl=0&x=wrt
iSQL*Plus 9.2.0.3
http://search.yahoo.com/search?p=intitle%3AiSQL+intitle%3ARelease+inurl%3Aisqlplus+intitle%3A9.2.0.3&ei=UTF-8&n=10&fl=0&x=wrt
iSQL*Plus 9.2.0.4
http://search.yahoo.com/search?p=intitle%3AiSQL+intitle%3ARelease+inurl%3Aisqlplus+intitle%3A9.2.0.4&ei=UTF-8&n=10&fl=0&x=wrt
iSQL*Plus 9.2.0.5
http://search.yahoo.com/search?p=intitle%3AiSQL+intitle%3ARelease+inurl%3Aisqlplus+intitle%3A9.2.0.5&ei=UTF-8&n=10&fl=0&x=wrt
iSQL*Plus 9.2.0.6
http://search.yahoo.com/search?p=intitle%3AiSQL+intitle%3ARelease+inurl%3Aisqlplus+intitle%3A9.2.0.6&ei=UTF-8&n=10&fl=0&x=wrt
iSQL*Plus 10.1
http://search.yahoo.com/search?p=intitle%3AiSQL+intitle%3ARelease+inurl%3Aisqlplus+intitle%3A10.1&ei=UTF-8&n=10&fl=0&x=wrt
iSQL*Plus 10.1.0.1
http://search.yahoo.com/search?p=intitle%3AiSQL+intitle%3ARelease+inurl%3Aisqlplus+intitle%3A10.1.0.1&ei=UTF-8&n=10&fl=0&x=wrt
iSQL*Plus 10.1.0.2
http://search.yahoo.com/search?p=intitle%3AiSQL+intitle%3ARelease+inurl%3Aisqlplus+intitle%3A10.1.0.2&ei=UTF-8&n=10&fl=0&x=wrt
iSQL*Plus 10.1.0.3
http://search.yahoo.com/search?p=intitle%3AiSQL+intitle%3ARelease+inurl%3Aisqlplus+intitle%3A10.1.0.3&ei=UTF-8&n=10&fl=0&x=wrt
iSQL*Plus 10.1.0.4
http://search.yahoo.com/search?p=intitle%3AiSQL+intitle%3ARelease+inurl%3Aisqlplus+intitle%3A10.1.0.4&ei=UTF-8&n=10&fl=0&x=wrt

Oracle Application Server:
iAS Demopages
http://search.yahoo.com/search?p=++%22inurl%3A%2FiASDemos.htm%22&ei=UTF-8&n=10&fl=0&x=wrt
http://search.yahoo.com/search?p=++%22inurl%3A%2FJ2EEandIA.htm%22&ei=UTF-8&n=10&fl=0&x=wrt

Oracle Forms
Oracle Forms 6i (using CGI)
http://search.yahoo.com/search?_adv_prop=web&x=op&ei=UTF-8&va=f60cgi&va_vt=url&vp_vt=any&vo_vt=any&ve_vt=any&vd=all&vst=0&vf=all&vm=i&fl=0&n=100
http://search.yahoo.com/search?p=+inurl%3Aifcgi60&ei=UTF-8&n=100&fl=0&x=wrt
Oracle Forms 6i (using Servlets)
http://search.yahoo.com/search?p=inurl%3Af60servlet&ei=UTF-8&n=100&fl=0&x=wrt
and
http://search.yahoo.com/search?p=allinurl%3A+oracle.forms.servlet&ei=UTF-8&n=100&fl=0&x=wrt
Oracle Forms 9i
http://search.yahoo.com/search?p=inurl%3Af90servlet&ei=UTF-8&n=100&fl=0&x=wrt

Oracle Reports
Oracle Reports 6i
http://search.yahoo.com/search?p=inurl%3Arwcgi60&ei=UTF-8&n=100&fl=0&x=wrt
Oracle Reports 9i
http://search.yahoo.com/search?p=%22inurl%3Arwservlet%22+%22inurl%3Areports%22&ei=UTF-8&n=100&fl=0&x=wrt

Oracle Discoverer
Oracle Discoverer 9i Viewer
http://search.yahoo.com/search?p=%22inurl%3Adiscoverer%2Fviewer%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle Discoverer 9i Plus
http://search.yahoo.com/search?p=%22inurl%3Adiscoverer%2Fplus%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle Discoverer 10g
http://search.yahoo.com/search?p=%22inurl%3Adiscoverer%2Fapp%22&ei=UTF-8&n=100&fl=0&x=wrt

Oracle HTTP Server
Browsable Oracle HTTP Server Directories
http://search.yahoo.com/search?p=%22Index+of%22++%22Oracle-HTTP-Server%22+Server+at+Port+%22Last+modified%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle HTTP Server 1.3.12
http://search.yahoo.com/search?p=%22Index+of%22++%22Oracle-HTTP-Server%22+Server+at+Port+%22Last+modified%22+1.3.12&ei=UTF-8&n=100&fl=0&x=wrt
Oracle HTTP Server 1.3.19
http://search.yahoo.com/search?p=%22Index+of%22++%22Oracle-HTTP-Server%22+Server+at+Port+%22Last+modified%22+1.3.19&ei=UTF-8&n=100&fl=0&x=wrt
Oracle HTTP Server 1.3.22
http://search.yahoo.com/search?p=%22Index+of%22++%22Oracle-HTTP-Server%22+Server+at+Port+%22Last+modified%22+1.3.22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle HTTP Server 1.3.28
http://search.yahoo.com/search?p=%22Index+of%22++%22Oracle-HTTP-Server%22+Server+at+Port+%22Last+modified%22+1.3.28&ei=UTF-8&n=100&fl=0&x=wrt
Oracle HTTP Server 10g
http://search.yahoo.com/search?p=%22Index+of%22++%22Oracle-HTTP-Server%22+Server+at+Port+%22Last+modified%22++%22Oracle-Application-Server-10g%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle Webdav
http://search.yahoo.com/search?p=%22inurl%3A%2Fdav_public%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle Single-Sign-On Page
http://search.yahoo.com/search?p=%22intitle%3ASingle+Sign-On%22+%22Oracle+Corporation%22+%22All+rights+reserved%22&ei=UTF-8&n=100&fl=0&x=wrt
http://search.yahoo.com/search?p=%22inurl%3Apls%2Forasso%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle Portal
http://search.yahoo.com/search?p=%22inurl%3Apls%2Fportal%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle HTMLDB
http://search.yahoo.com/search?p=%22inurl%3Apls%2Fhtmldb%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle Internet Directory OIDDAS
http://search.yahoo.com/search?p=%22inurl%3Aoiddas%22&ei=UTF-8&n=100&fl=0&x=wrt
Designer generated Web Application
http://search.yahoo.com/search?p=%22inurl%3Apls%22+%22inurl%3Astartup%22+%22inurl%3A%24.%22&ei=UTF-8&n=100&fl=0&x=wrt

Oracle Enterprise Manager
Oracle Enterprise Manager 9i
http://search.yahoo.com/search?p=%22inurl%3A%2Femd%2Fmain%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle Enterprise Manager 10g
http://search.yahoo.com/search?p=%22inurl%3A%2Fem%2Fconsole%22+%22intitle%3AOracle+Enterprise+Manager%22++Copyright+Oracle&ei=UTF-8&n=100&fl=0&x=wrt
Oracle Ultrasearch
http://search.yahoo.com/search?p=%22inurl%3A%2Fultrasearch%2Fquery%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle Lite 9i
http://search.yahoo.com/search?p=%22inurl%3Awebtogo%2Findex.html%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle JInitiator Download Page
http://search.yahoo.com/search?p=%22inurl%3Ajinitiator%22+%22intitle%3AOracle+JInitiator%22+%22intitle%3ADownload+Page%22&ei=UTF-8&n=100&fl=0&x=wrt

Oracle mod_plsql-related
Oracle DAD Config Page
http://search.yahoo.com/search?p=%22inurl%3A%2Fpls%2Fadmin_%2Fgateway.htm%22+&ei=UTF-8&n=100&fl=0&x=wrt
http://search.yahoo.com/search?p=inurl%3Aadmin_%2Fglobalsettings.htm&ei=UTF-8&n=100&fl=0&x=wrt
Oracle Pages with wrong DAD configuration
http://search.yahoo.com/search?p=%22No+DAD+configuration+Found%22++%22DAD+Name%22&ei=UTF-8&n=100&fl=0&x=wrt

Oracle JDeveloper:
Oracle OC4j connections.xml
http://search.yahoo.com/search?p=+%22inurl%3Aconnections+xml%22+filetype%3Axml&ei=UTF-8&n=100&fl=0&x=wrt
Oracle JSP with error messages “at oracle.jsp”
http://search.yahoo.com/search?p=%22at+oracle.jsp.%22+%22Exception%3A%22+%22Request+URI%3A%22+%22JSP+Error%3A%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle JSP with error messages “at oracle.jdbc”
http://search.yahoo.com/search?p=%22at+oracle.jdbc%22+%22Exception%3A%22++%22JSP+Error%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle UIX Applications:
http://search.yahoo.com/search?p=inurl%3Auix+inurl%3Aimtapp&ei=UTF-8&n=100&fl=0&x=wrt
Oracle Web Conferencing:
http://search.yahoo.com/search?p=%22inurl%3A%2Fimtapp%22+Conference&ei=UTF-8&n=100&fl=0&x=wrt
OracleAS Wireless Portal:
http://search.yahoo.com/search?p=%22inurl%3Aptg%2Frm%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle iLearning:
http://search.yahoo.com/search?p=%22inurl%3A%2Filearn%2Fen%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle FilesOnline:
http://search.yahoo.com/search?p=%22inurl%3A%2Ffiles%2Fapp%2FHomePage%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle iStore:
http://search.yahoo.com/search?p=%22inurl%3A%2FOA_HTML%2F%22&ei=UTF-8&n=100&fl=0&x=wrt
Oracle CRM Login Page:
http://search.yahoo.com/search?p=%22inurl%3A%2FOA_HTML%2Fjtflogin.jsp%22&ei=UTF-8&n=100&fl=0&x=wrt

Related Links:
Google Hacking for Oracle Technologies:
http://www.red-database-security.com/wp/google_oracle_hacking_us.pdf
Search Engines Used to Attack Databases:
http://www.appsecinc.com/presentations/Search_Engine_Attack_Database.pdf
Johnny Long’s Google Hacking Webpage:
http://johnny.ihackstuff.com/

Other Oracle security related documents:
Hardening Oracle Application Server 9i Rel.1, 9i Rel.2 and 10g:
http://www.red-database-security.com/wp/DOAG_2004_us.pdf
Hardening Oracle DBA and Developer Workstations:
http://www.red-database-security.com/wp/hardening_admin_pc_us.pdf
Database Rootkits:
http://www.red-database-security.com/wp/db_rootkits_us.pdf
SQL Injection in Oracle Forms:
http://www.red-database-security.com/wp/sql_injection_forms_us.pdf

About Red-Database Security GmbH:
Red-Database-Security GmbH is a specialist in Oracle Security. We offer Oracle security trainings, database and application server audits, penetration tests, Oracle (security) architecture reviews and software security solutions against Oracle rootkits.

Contact:
If you have questions or comments you could contact us via info at red-database-security.com