FEATURE REQ: Add checks for Oracle SQLDeveloper connections.xml #20
Comments
|
We're definitely open to it if we can confirm the locations they're dropped - is there any documentation online as to the connection.xml locations? Since I don't have a test environment, if you're able to build a module to test that'd likely be ideal, but I'll leave this issue up until a module is merged. |
|
Hey there :) In Win7 they are definitely in: C:\Users<username>\AppData\Roaming\SQL Developer\system\o.jdeveloper.db.connection\connections.xml Seems to vary quite significantly depending on what version of SQLDeveloper that is running / what servers you connect to so hard to pinpoint a path. Working on finding out where they are on W10 and getting a test install going. |
|
@BaffledJimmy were you able to get a test install going by chance? @leechristensen we could build a simple module to just test for the presence of these files, ya? Something along the lines of the |
Added OracleConnections command to find Oracle SQLDeveloper connections.xml files (issue #20 )
|
@BaffledJimmy I finally got a module built for this, and just did a PR for it to master (#55) . Once @leechristensen approves it'll land and I'll close this issue. |
psst @HarmJ0y :) you can use a keyword such as "closes #<ISSUE_ID>" or "fixes #<ISSUE_ID>" in your PR or commit to automatically close the corresponding issue! |
|
Landed now as the OracleSQLDeveloper command |
Hi there,
Would it be possible to incorporate support for the connections.xml file that Oracle SQLDeveloper will drop, containing hostnames and credentials? Often useful for onward lateral movement.
I believe it is stored in:
\Users[User]\AppData\Roaming\SQL Developer\System\but also often under a subfolder such as:
(Win 7)
C:\Users\<username>\AppData\Roaming\SQL Developer\systemX.X.X.X.X\o.jdeveloper.db.connection.X.X.X.X.X.X.X\connections.xmlor
“C:\users\USER\AppData\Roaming\SQL Developer\system3.1.07.42\o.jdeveloper.db.connection.11.1.1.4.37.59.48”.They can also be decrypted using something similar to this:
https://pypi.org/project/sqldeveloperpassworddecryptor/If I figure out how to do it within the code, I'll do a PR, but thought I'd submit this issue so that others can see it also.
The text was updated successfully, but these errors were encountered: