Skip to content

Commit

Permalink
more work on Oracle test cases (#312)
Browse files Browse the repository at this point in the history
  • Loading branch information
@bdamele
bdamele committed Jan 16, 2013
1 parent f25d7ff commit 1c8bd95
Showing 1 changed file with 47 additions and 53 deletions.
100 changes: 47 additions & 53 deletions xml/livetests.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -490,11 +490,10 @@
<getPrivileges value="True"/>
<getRoles value="True"/>
<getDbs value="True"/>
<getTables value="True"/>
<getColumns value="True"/>
<getCount value="True"/>
<dumpTable value="True"/>
<db value="scott"/>
<db value="sys"/>
<tbl value="users"/>
<excludeSysDbs value="True"/>
</switches>
Expand All @@ -508,13 +507,12 @@
<item value="current user is DBA: True"/>
<item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/>
<item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: D1D21CA56994CAB6.+clear-text password: ORACLE.+DBSNMP \[.+password hash: E066D214D5421CCC.+clear-text password: DBSNMP.+SYS \[.+password hash: 2D5A0C491B634F1B.+clear-text password: TESTPASS'"/>
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ADMINISTER ANY SQL TUNING SET'"/>
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+JAVA_DEPLOY'"/>
<item value="r'available databases \[.+CTXSYS.+SCOTT.+WMSYS'"/>
<item value="r'Database: SCOTT.+ tables.+USERS'"/>
<item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
<item value="r'Database: SCOTT.+Table.+Entries.+USERS.+5'"/>
<item value="r'Database: SCOTT.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ALTER ANY EVALUATION CONTEXT'"/>
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+XDBADMIN'"/>
<item value="r'available databases \[.+CTXSYS.+MDSYS.+SYSTEM'"/>
<item value="r'Database: SYS.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
<item value="r'Database: SYS.+Table.+Entries.+USERS.+5'"/>
<item value="r'Database: SYS.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
</parse>
</case>
<case name="Oracle error-based multi-threaded enumeration - all entries">
Expand All @@ -537,9 +535,8 @@
<getColumns value="True"/>
<getCount value="True"/>
<dumpTable value="True"/>
<db value="scott"/>
<db value="sys"/>
<tbl value="users"/>
<excludeSysDbs value="True"/>
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
</switches>
<parse>
Expand All @@ -552,13 +549,13 @@
<item value="current user is DBA: True"/>
<item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/>
<item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: D1D21CA56994CAB6.+DBSNMP \[.+password hash: E066D214D5421CCC.+SYS \[.+password hash: 2D5A0C491B634F1B'"/>
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ADMINISTER ANY SQL TUNING SET'"/>
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+JAVA_DEPLOY'"/>
<item value="r'available databases \[.+CTXSYS.+SCOTT.+WMSYS'"/>
<item value="r'Database: SCOTT.+ tables.+USERS'"/>
<item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
<item value="r'Database: SCOTT.+Table.+Entries.+USERS.+5'"/>
<item value="r'Database: SCOTT.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ALTER ANY EVALUATION CONTEXT'"/>
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+XDBADMIN'"/>
<item value="r'available databases \[.+CTXSYS.+MDSYS.+SYSTEM'"/>
<item value="r'Database: SYS.+ tables.+USERS'"/>
<item value="r'Database: SYS.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
<item value="r'Database: SYS.+Table.+Entries.+USERS.+5'"/>
<item value="r'Database: SYS.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
</parse>
</case>
<case name="Oracle UNION query multi-threaded enumeration - all entries">
Expand All @@ -581,9 +578,8 @@
<getColumns value="True"/>
<getCount value="True"/>
<dumpTable value="True"/>
<db value="scott"/>
<db value="sys"/>
<tbl value="users"/>
<excludeSysDbs value="True"/>
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
</switches>
<parse>
Expand All @@ -596,13 +592,13 @@
<item value="current user is DBA: True"/>
<item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/>
<item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: D1D21CA56994CAB6.+DBSNMP \[.+password hash: E066D214D5421CCC.+SYS \[.+password hash: 2D5A0C491B634F1B'"/>
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ADMINISTER ANY SQL TUNING SET'"/>
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+JAVA_DEPLOY'"/>
<item value="r'available databases \[.+CTXSYS.+SCOTT.+WMSYS'"/>
<item value="r'Database: SCOTT.+ tables.+USERS'"/>
<item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
<item value="r'Database: SCOTT.+Table.+Entries.+USERS.+5'"/>
<item value="r'Database: SCOTT.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ALTER ANY EVALUATION CONTEXT'"/>
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+XDBADMIN'"/>
<item value="r'available databases \[.+CTXSYS.+MDSYS.+SYSTEM'"/>
<item value="r'Database: SYS.+ tables.+JOBS.+REGIONS'"/>
<item value="r'Database: SYS.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
<item value="r'Database: SYS.+Table.+Entries.+USERS.+5'"/>
<item value="r'Database: SYS.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
</parse>
</case>
<case name="Oracle partial UNION query multi-threaded enumeration - all entries">
Expand All @@ -625,9 +621,8 @@
<getColumns value="True"/>
<getCount value="True"/>
<dumpTable value="True"/>
<db value="scott"/>
<db value="sys"/>
<tbl value="users"/>
<excludeSysDbs value="True"/>
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
</switches>
<parse>
Expand All @@ -640,13 +635,13 @@
<item value="current user is DBA: True"/>
<item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/>
<item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: D1D21CA56994CAB6.+DBSNMP \[.+password hash: E066D214D5421CCC.+SYS \[.+password hash: 2D5A0C491B634F1B'"/>
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ADMINISTER ANY SQL TUNING SET'"/>
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+JAVA_DEPLOY'"/>
<item value="r'available databases \[.+CTXSYS.+SCOTT.+WMSYS'"/>
<item value="r'Database: SCOTT.+ tables.+USERS'"/>
<item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
<item value="r'Database: SCOTT.+Table.+Entries.+USERS.+5'"/>
<item value="r'Database: SCOTT.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ALTER ANY EVALUATION CONTEXT'"/>
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+XDBADMIN'"/>
<item value="r'available databases \[.+CTXSYS.+MDSYS.+SYSTEM'"/>
<item value="r'Database: SYS.+ tables.+JOBS.+REGIONS'"/>
<item value="r'Database: SYS.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
<item value="r'Database: SYS.+Table.+Entries.+USERS.+5'"/>
<item value="r'Database: SYS.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
</parse>
</case>
<case name="Oracle time-based single-threaded enumeration - all entries">
Expand Down Expand Up @@ -683,9 +678,8 @@
<getColumns value="True"/>
<getCount value="True"/>
<dumpTable value="True"/>
<db value="scott"/>
<db value="sys"/>
<tbl value="users"/>
<excludeSysDbs value="True"/>
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
</switches>
<parse>
Expand All @@ -698,13 +692,13 @@
<item value="current user is DBA: True"/>
<item value="r'database management system users \[.+ANONYMOUS.+SCOTT.+SYS.+XDB'"/>
<item value="r'database management system users password hashes:.+CTXSYS \[.+password hash: D1D21CA56994CAB6.+DBSNMP \[.+password hash: E066D214D5421CCC.+SYS \[.+password hash: 2D5A0C491B634F1B'"/>
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ADMINISTER ANY SQL TUNING SET'"/>
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+JAVA_DEPLOY'"/>
<item value="r'available databases \[.+CTXSYS.+SCOTT.+WMSYS'"/>
<item value="r'Database: SCOTT.+ tables.+USERS'"/>
<item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
<item value="r'Database: SCOTT.+Table.+Entries.+USERS.+5'"/>
<item value="r'Database: SCOTT.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
<item value="r'database management system users privileges:.+CTXSYS.+ALTER SESSION.+ SYS .+ALTER ANY EVALUATION CONTEXT'"/>
<item value="r'database management system users roles:.+MDSYS.+CONNECT.+SYS \(administrator\).+DBA.+XDBADMIN'"/>
<item value="r'available databases \[.+CTXSYS.+MDSYS.+SYSTEM'"/>
<item value="r'Database: SYS.+ tables.+JOBS.+REGIONS'"/>
<item value="r'Database: SYS.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
<item value="r'Database: SYS.+Table.+Entries.+USERS.+5'"/>
<item value="r'Database: SYS.+Table: USERS.+5 entries.+luther.+nameisnull.+'"/>
</parse>
</case>
<case name="SQLite boolean-based multi-threaded enumeration - all entries">
Expand Down Expand Up @@ -963,15 +957,15 @@
<tech value="E"/>
<getSchema value="True"/>
<dumpTable value="True"/>
<db value="scott"/>
<db value="sys"/>
<tbl value="users"/>
<limitStart value="2"/>
<limitStop value="4"/>
<excludeSysDbs value="True"/>
</switches>
<parse>
<item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
<item value="r'Database: SCOTT.+Table: USERS.+3 entries.+fluffy.+bunny.+wu.+ming'"/>
<item value="r'Database: SYS.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
<item value="r'Database: SYS.+Table: USERS.+3 entries.+fluffy.+bunny.+wu.+ming'"/>
</parse>
</case>
<case name="Oracle UNION query multi-threaded custom enumeration">
Expand All @@ -981,15 +975,15 @@
<tech value="U"/>
<getSchema value="True"/>
<dumpTable value="True"/>
<db value="scott"/>
<db value="sys"/>
<tbl value="users"/>
<limitStart value="2"/>
<limitStop value="4"/>
<excludeSysDbs value="True"/>
</switches>
<parse>
<item value="r'Database: SCOTT.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
<item value="r'Database: SCOTT.+Table: USERS.+3 entries.+fluffy.+bunny.+wu.+ming'"/>
<item value="r'Database: SYS.+Table: USERS.+3 columns.+SURNAME.+VARCHAR2'"/>
<item value="r'Database: SYS.+Table: USERS.+3 entries.+fluffy.+bunny.+wu.+ming'"/>
</parse>
</case>
<case name="Oracle boolean-based multi-threaded custom enumeration - substring">
Expand All @@ -998,13 +992,13 @@
<threads value="4"/>
<tech value="B"/>
<dumpTable value="True"/>
<db value="scott"/>
<db value="sys"/>
<tbl value="users"/>
<firstChar value="3"/>
<lastChar value="5"/>
</switches>
<parse>
<item value="r'Database: SCOTT.+Table: USERS.+5 entries.+the | iss.+&lt;blank&gt; | mei'"/>
<item value="r'Database: SYS.+Table: USERS.+5 entries.+the | iss.+&lt;blank&gt; | mei'"/>
</parse>
</case>
<case name="SQLite UNION query multi-threaded custom enumeration">
Expand Down

0 comments on commit 1c8bd95

Please sign in to comment.