Jared,
I see you log out and log back in as SYSTEM to DB2. But how do you know the
password for SYSTEM to log back in with after you change it?
What if you don't log out? When I tried that (i.e. not logging out), I got
ORA-1017.
Yong Huang
- Jared Still <jkstill_at_cybcon.com> wrote:
> Environment:
>
> DB1: RH 8.0 with Oracle EE 9.2.0.4
>
> DB2: Win2k SP3 with Oracle EE 9.2.0.1
>
> SYSTEM user on each database initially have different passwords.
>
> It goes something like this:
>
> DB1:
>
> select password from dba_users where username = 'SYSTEM';
>
> Let's say the result is 'AC424SDK4398'
>
> DB2:
>
> Logon to DB2 as SYSTEM.
>
> alter user SYSTEM identified by values 'AC424SDK4398';
> create database link systemlink using 'DB1';
>
> Logout, and log back on to DB2 as SYSTEM.
>
> select count(*) from v$session@systemlink;
>
> Works for me in this environment. DB2 is compromised.
>
> HTH
>
> Jared
>
>
>
> On Mon, 2003-12-22 at 08:29, Yong Huang wrote:
>
> > Hi, Gregory,
> >
> > I only have access to Oracle 9.2 on my laptop. Here's my test. I have ORCL and
> > AUX1 databases, the latter created by RMAN DUPLICATE some time ago. I logon
> > AUX1 as SYSTEM. Set SYSTEM password hash value to the same as in ORCL. Create
> > link L to ORCL without password. Selecting from a table in ORCL @L (i.e. select
> > * from yongtest@l) throws ORA-1017 invalid username/password.
> >
> > Alternatively, I logon as SYS and create a procedure owned by SYSTEM, with one
> > line execute immediate('select count(*) from yongtest@l'). When I execute
> > system.<this procedure> as SYS, I get ORA-1005 null password given. (I could
> > use DBMS_SYS_SQL but using the execute immediate trick obviates the need to
> > remember the syntax in that undocumented package).
> >
> > If I use connect to current_user to create the link, I always get ORA-28030
> > Server encountered problems accessing LDAP directory service.
> >
> > Could you try on your databases and show how you do it? As I said, this may be
> > a security problem. I'm just too ignorant of it and can't reproduce it for now.
> >
> > Yong Huang
> >
> > Norris, Gregory T [ITS] wrote:
> >
> > There's no reason I can see that he couldn't create the dblink first, and then
> > reset the password using the encrypted value. Alternately, the dblink could be
> > created using the DBMS_SYS_SQL package... no knowledge of the current password
> > required.
> >
> > create database link foo
> > connect to current_user
> > using 'bar';
Author: Yong Huang
INET: yong321_at_yahoo.com
Received on Mon Dec 22 2003 - 22:19:26 CST
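
Added example, not part of the original thread or anyone's posted code: a defender-side check for the condition Jared's steps set up, namely an account whose password hash is identical on both databases plus a database link that stores no credentials. The data is constructed; the dictionary layout, the link names other than systemlink, and the assumption that the link's host value names the target database are hypothetical.

```python
from collections import defaultdict

# Constructed sample data, shaped like per-database exports of
# DBA_USERS (username -> password hash) and DBA_DB_LINKS rows.
# Assumption: "username" is None for a link created without CONNECT TO,
# and "host" names the target database.
USERS = {
    "DB1": {"SYSTEM": "AC424SDK4398", "SCOTT": "1111AAAA2222"},
    "DB2": {"SYSTEM": "AC424SDK4398", "SCOTT": "9999BBBB8888"},
}
LINKS = {
    "DB2": [
        {"owner": "SYSTEM", "db_link": "SYSTEMLINK", "username": None, "host": "DB1"},
        {"owner": "SCOTT", "db_link": "SCOTTLINK", "username": None, "host": "DB1"},
        {"owner": "SCOTT", "db_link": "FIXEDLINK", "username": "REPORTS", "host": "DB1"},
        {"owner": "PUBLIC", "db_link": "PUBLINK", "username": None, "host": "DB1"},
    ],
}


def shared_hashes(users):
    """Map (username, hash) -> databases, for hashes present in 2+ databases."""
    seen = defaultdict(set)
    for db, accounts in users.items():
        for name, pw_hash in accounts.items():
            seen[(name, pw_hash)].add(db)
    return {key: sorted(dbs) for key, dbs in seen.items() if len(dbs) > 1}


def risky_links(users, links):
    """Credential-less links whose user has the same hash locally and remotely."""
    findings = []
    for local_db, rows in links.items():
        local = users.get(local_db, {})
        for link in rows:
            if link["username"] is not None:
                continue  # link stores its own credentials; out of scope here
            remote = users.get(link["host"], {})
            # A PUBLIC link can be used by every local account, so check them all.
            owners = list(local) if link["owner"] == "PUBLIC" else [link["owner"]]
            for owner in owners:
                pw_hash = local.get(owner)
                if pw_hash is not None and remote.get(owner) == pw_hash:
                    findings.append((local_db, link["db_link"], owner, link["host"]))
    return findings


if __name__ == "__main__":
    for finding in risky_links(USERS, LINKS):
        print("review link:", finding)
```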