Wednesday, April 26, 2017

Good afternoon welcome back to war! This is for a TNS Poison Attack, to Oracle Database Releases 12.1 or above...so, IF a sub string can be a IP address, THEN..you can legitimate yourself If False PRINT

In Oracle/PLSQL, the instr function returns the location of a sub-string in a string.
If the sub-string is not found, then instr will return 0.
I want to search multiple sub-strings in a string and return the first non-zero value. This can be achieved using regexp_instr, but I'd like a non-regexp_ solution.
Example:
regexp_instr('500 Oracle Parkway, Redwood Shores, CA','(Apple|Park|Shores)')
should return 12 (the location of 'Park').
...

4down voteaccepted
INSTR doesn't support regex ORs - you'd have to define INSTR function calls for each substring you want to check for. The equivalent of regexp_instr('500 Oracle Parkway, Redwood Shores, CA','(Apple|Park|Shores)') would be:
WHERE (INSTR('500 Oracle Parkway, Redwood Shores, CA', 'Apple') > 0
      OR
      INSTR('500 Oracle Parkway, Redwood Shores, CA', 'Park') > 0
      OR
      INSTR('500 Oracle Parkway, Redwood Shores, CA', 'Shores') > 0)
Depending on your needs, full text search functionality might be more towards what you want?

ATTACK IS :
TNS Poison Attack vulnerability exploits Oracle listener’s database service registration functionality. Oracle database users connect to the database services through Oracle TNS Listener which acts as a traffic cop. A malicious attacker, residing on the same network as the database, registers a malicious service with the database listener with the same service name as legitimate database service. No credentials are required to register a database service with the listener. An attacker can use Oracle database software or easily available other tools to register a malicious database service.
After completion of the malicious database service registration with the same name as legitimate service name, Oracle listener has two services to choose from – a legitimate service and a malicious service. With two database services available, Oracle listener switches to the load balancing traffic cop mode, directing users alternatively to the legitimate service and the malicious service. At least, 50% of the user sessions are directed to the malicious service. Database user sessions, which are now communicating through the malicious service, can be hijacked by the attacker. An attacker is in the middle. All communication from the users to the database is now passing through the malicious attacker. Attack post stablished. Attacker has full purview of what users are communicating with the database. At a minimum, the attacker can view and steal the data. Additional SQL commands may be injected to broaden the scope or carry out additional attacks. If a database user communicating with the database happens to be a privileged user with the DBA role, then the attacker has complete control of the database. Database compromised. Mission accomplished.

No comments: