API tools faq
paste
Advertisement
xe1phix

Xe1phix-[Oracle]-Database-SQL-Syntax-Cheatsheet-[v8.5.42].sh

xe1phix
Mar 9th, 2024
763
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 4.50 KB | Cybersecurity | 0 0
raw download clone embed print report
  1.  
  2.  
  3. ##-==========================================-##
  4. ##   [+] Oracle - Check Version :
  5. ##-==========================================-##
  6. SELECT banner FROM v$version WHERE banner LIKE 'Oracle%';
  7. SELECT banner FROM v$version WHERE banner LIKE 'TNS%';
  8. SELECT version FROM v$instance;
  9.  
  10.  
  11. ##-==========================================-##
  12. ##   [+] Oracle - Current User :
  13. ##-==========================================-##
  14. SELECT user FROM dual;
  15.  
  16.  
  17. ##-==========================================-##
  18. ##   [+] Oracle - List Users:
  19. ##-==========================================-##
  20. SELECT username FROM all_users ORDER BY username;
  21. SELECT name FROM sys.user$;
  22. SELECT name, password from sys.user$;
  23. SELECT name, spare4 from sys.user$;
  24. select username,account_status,created,profile FROM sys.dba_users ORDER BY username;
  25.  
  26.  
  27. ##-==========================================-##
  28. ##   [+] Oracle - List Password Hashes:
  29. ##-==========================================-##
  30. SELECT name, password, astatus FROM sys.user$;  
  31. SELECT name,spare4 FROM sys.user$ where rownum <= 10;
  32.  
  33.  
  34. ##-==========================================-##
  35. ##   [+] Oracle - Current Database:
  36. ##-==========================================-##
  37. SELECT global_name FROM global_name;
  38. SELECT name FROM v database;
  39. SELECT instance_name FROM v$instance;
  40. SELECT SYS.DATABASE_NAME FROM DUAL;
  41.  
  42.  
  43. ##-==========================================-##
  44. ##   [+] Oracle - List Databases:
  45. ##-==========================================-##
  46. SELECT DISTINCT owner FROM all_tables;
  47.  
  48.  
  49. ##-==========================================-##
  50. ##   [+] Oracle - List DBA Accounts:
  51. ##-==========================================-##
  52. SELECT DISTINCT grantee FROM dba_sys_privs WHERE ADMIN_OPTION = 'YES';
  53.  
  54.  
  55. ##-==========================================-##
  56. ##   [+] Oracle - List Columns :
  57. ##-==========================================-##
  58. SELECT column_name FROM all_tab_columns WHERE table_name = 'blah';
  59. SELECT column_name FROM all_tab_columns WHERE table_name = 'blah' and owner = 'foo';
  60.  
  61.  
  62. ##-==========================================-##
  63. ##   [+] Oracle - Tables:
  64. ##-==========================================-##
  65. SELECT table_name FROM all_tables;
  66. SELECT owner, table_name FROM all_tables;
  67.  
  68.  
  69. ##-==========================================-##
  70. ##   [+] Oracle - Tables From Column Name    :
  71. ##-==========================================-##
  72. SELECT owner, table_name FROM all_tab_columns WHERE column_name LIKE '%PASS%';
  73.  
  74.  
  75. ##-==========================================-##
  76. ##   [+] Oracle - Privileges :
  77. ##-==========================================-##
  78. SELECT * FROM session_privs;(Retrieves Current Privs)
  79. SELECT * FROM dba_sys_privs WHERE grantee = 'DBSNMP';
  80. SELECT grantee FROM dba_sys_privs WHERE privilege = 'SELECT ANY DICTIONARY';
  81. SELECT GRANTEE, GRANTED_ROLE FROM DBA_ROLE_PRIVS;
  82.  
  83.  
  84. ##-==========================================-##
  85. ##   [+] Oracle - Location of DB Files:
  86. ##-==========================================-##
  87. SELECT name FROM V$DATAFILE;
  88.  
  89.  
  90. ## --------------------------------------------------- ##
  91. ##   [?] First create a normal user and authorize:
  92. ## --------------------------------------------------- ##
  93. ##   [?] create user yang identified by yang;  
  94. ##   [?] grant connect, resource to yang;
  95. ## --------------------------------------------------- ##
  96.  
  97.  
  98. ##-==========================================-##
  99. ##   [+] Oracle - Make DNS Requests:
  100. ##-==========================================-##
  101. SELECT UTL_INADDR.get_host_address('www.baidu.com') FROM dual;
  102. SELECT UTL_HTTP.REQUEST('http://www.baidu.com/') FROM dual;
  103.  
  104.  
  105. ##-==========================================-##
  106. ##   [+] Oracle - Local File Access:
  107. ##-==========================================-##
  108. SELECT value FROM v$parameter2 WHERE name = '/etc/passwd';
  109.  
  110.  
  111. ##-==========================================-##
  112. ##   [+] Oracle - Hostname, IP Address:
  113. ##-==========================================-##
  114. SELECT host_name FROM v$instance;
  115. SELECT UTL_INADDR.get_host_name('192.168.1.103') FROM dual;
  116.  
  117.  
  118. ##-======================================================================-##
  119. ##   [+] Oracle - John the Ripper - Brute Force Oracle Password Hash:
  120. ##-======================================================================-##
  121. ## ---------------------------------------------------------------------------- ##
  122. ##   [?] DBSNMP:BA054BE9241074F8437B47B98B9298F6063561403341EA94F595D242183E
  123. ## ---------------------------------------------------------------------------- ##
  124. john --format=oracle11 /tmp/orahash.txt
  125.  
  126.  
  127.  
Tags: sql john Linux Database Kali db ParrotSec oracle DBA
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!