Research On Transfer Protocol And Penetration Of ORACLE Database

The Oracle database, as one of the most powerful and popular RDBMSs (Relational Database Management System), is a crucial part of today's many large database management systems. Many important sites around the world, especially large or medium web servers, mail servers or file servers take Oracle as their database. So the security of Oracle database will affect wide range of user's data in these databases.There are many sources of hidden danger in Oracle database, including protocol vulnerability ignored by designer, module buffer overflow ignored by developer, bad deployment from user and loose access control during management procedure. Here from the security structure of Oracle database, briefly analyses its data storage, log management and instance running system structure, and discuss the vulnerability on the identification authentication protocol used by Oracle database. With experiments on catching analyzing these communication packets, difficulties on the closesource protocol are overcomed. TNS protocol is the initial part of Oracle network connection. Its vulnerability can result in the management information on Oracle server free accessible to clients. SID and user password, as a part of the security authentication, are offen revealed by dictionary attack. Take advantage of the vulnerable program, attackers can even bypass ID authentication infrastructure to conduct PL/SQL injection and access data directly. Both system packages not updated and vulnerabilities brought in from second development are inevitable. Research is carried out on these database vulnerabilities and privilege promotion methods. On the basic of this, penetration methods are carried out with supports of experiments. When users has full read, write and execute privilege, rootkit embedding mechanism can be transplanted to Oracle database and stay for a long time. A type of OS written method based on Oracle protocol is put forward here, which can easily execute OS command and write files through client connection.Finally, an attack and penetration test system is designed and developed, whick enable the attack run stably on automation scanning and detecting targets, including the connection process and making use of vulnerabilities and promoting privilege. At last, it can transfer files and execute system command. It's proved to has the ability to detect popular Oracle release and has good compatiblility, easy to conceal and convenient for database administrators to maintain and repair.