Trainings 
Sessions 1-Day Tracks Hacking and Securing Oracle Database
Sessions 1-Day Tracks Hacking and Securing Oracle Database
| Track Name |
: | Hacking and Securing Oracle Database |
| Track ID | : | SB1DHSO |
| Instructor | : | Sumit Siddharth (Sid) |
| CPE Credits | : | 7 CPE’s |
| Duration | : | 1 Day |
| Date | November 19th, 2009 (9 AM – 6 PM) |
Who should attend?
- Oracle Database Server Administrators.
- Developers using Oracle Databases.
- Penetration Testers.
- Security Managers
Class Pre-requisite:
- Basic knowledge of Oracle database administration and PL/SQL language.
- Knowledge of penetration testing will be an advantage but is not essential.
Class Requirement:
- Students to carry their laptop with at least 2 GB of free space.
- Students should have Administrative access / privileges on the laptop for installing software.
- USB or Bootable CD / DVD Drive
- VMware Player
- Wireless enabled
Course Description:
This is a hands-on training one-day course, which will teach the audience the security problems related to Oracle. The training has a good mix of traditional as well as some latest cutting edge security issues related to Oracle. The audience will have access to an infrastructure with a number of oracle components deployed, and they will be encouraged to exploit/patch security vulnerabilities as they learn them.
- TNS Listener Security Problems
- Default Oracle accounts and privileges.
- Obtaining and cracking password hashes in Oracle.
- Enumerating/fingerprinting Oracle.
- Introduction to Oracle Vulnerabilities
- Buffer Overflows
- SQL and PL/SQL Injection
- Cursor Injection
- Introduction to Cursor Snarfing and Lateral SQL Injection.
- Exploiting vulnerabilities to become DBA (from 8i to 11g)
- From DBA to OS code execution
- Unwrapping Oracle's PL/SQL for vulnerabilities.
- Advanced SQL Injection (Identification and Exploitation)
- Hacking Oracle Application Servers.
- Exploiting Oracle from Web.
- Securing Oracle
Twitter Updates
Follow Us On
