Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Exciting Oracle News :: Oracle DB Worm Code Published :: Oracle Passwords Crack in Mere Minutes

Re: Exciting Oracle News :: Oracle DB Worm Code Published :: Oracle Passwords Crack in Mere Minutes

From: <bdbafh_at_gmail.com>
Date: 3 Nov 2005 12:35:03 -0800
Message-ID: <1131050103.283762.282280@g43g2000cwa.googlegroups.com>


I'd suggest that the author properly instrument his code with the use of dbms_application_info. The author has placed calls to dbms_output for debugging purposes ... why not leave a trail (if desired) in v$session for someone to possibly see and react to?

initialize:

dbms_application_info.set_client_info('HaHaHaHaHaHa'); dbms_application_info.set_module('ora w0rm at hushmail','like 2 create tbl X');

loop:

dbms_application_info.set_action('Attacking the SID: ' || sid );

and then its accompanying call of

dbms_application_info.set_action(null);

after the loop has completed.

This of course is meant as a joke
(except for the nulling out the action after you're done - that is serious business).

-bdbafh Received on Thu Nov 03 2005 - 14:35:03 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US