Search the Community

Oracle patched the bug last month but attacks began after proof-of-concept code was published on GitHub. Enterprise software giant Oracle published an urgent security alert last night, urging companies that run WebLogic servers to install the latest patches the company released in mid-April. Oracle says it received reports of attempts to exploit CVE-2020-2883, a vulnerability in its WebLogic enterprise product. WebLogic is a Java-based middleware server that sits between a front-facing application and a database system, rerouting user requests and returning needed data. It is a wildly popular middleware solution, with tens of thousands of servers currently running online. The CVE-2020-2883 vulnerability is a dangerous bug, which received a 9.8 score out of 10, on the CVSSv3 vulnerability severity scale. The bug, which was privately reported to Oracle, allows a threat actor to send a malicious payload to a WebLogic server, via its proprietary T3 protocol. The attack takes place when the server receives the data and unpacks (deserializes) it in an unsafe manner that also runs malicious code on the underlying WebLogic core, allowing the hacker to take control over unpatched systems. Oracle says that no user authentication or interaction is needed to exploit this bug. This makes CVE-2020-2883 an ideal candidate for integration in automated web-based attack tools and botnet operations. Oracle patched the bug during its quarterly security updates, released on April 14. Current exploitation attempts appear to have started after proof-of-concept code to exploit the CVE-2020-2883 bug was published on GitHub a day later. Oracle said that exploitation attempts against other vulnerabilities patched last month were also reported but the company highlighted the WebLogic vulnerability in particular. This is because in recent years, hackers have constantly shown interest in weaponizing and exploiting WebLogic bugs [1, 2, 3, 4, 5, 6, 7, 8, 9] . Hacking groups have been using these vulnerabilities to hijack WebLogic servers to run cryptocurrency miners or breach corporate networks and install ransomware. CVE-2020-2883 will almost certainly join CVE-2019-2729, CVE-2019-2725, CVE-2018-2893, CVE-2018-2628, and CVE-2017-10271 as one of the most exploited WebLogic vulnerabilities in the wild. Via zdnet.com

Programatori C# si Java pentru Dell. De asemenea Oracle dba, dev (tot pentru Dell). Trimiteti PM pentru emailul de contact.

Document Title: =============== Oracle Business Intelligence Mobile HD v11.x iOS - Persistent UI Vulnerability References (Source): ==================== http://vulnerability-lab.com/get_content.php?id=1361 Oracle Security ID: S0540289 Tracking ID: S0540289 Reporter ID: #1 2015Q1 Release Date: ============= 2015-05-06 Vulnerability Laboratory ID (VL-ID): ==================================== 1361 Common Vulnerability Scoring System: ==================================== 3.8 Product & Service Introduction: =============================== Oracle Business Intelligence Mobile HD brings new capabilities that allows users to make the most of their analytics information and leverage their existing investment in BI. Oracle Business Intelligence Mobile for Apple iPad is a mobile analytics app that allows you to view, analyze and act on Oracle Business Intelligence 11g content. Using Oracle Business Intelligence Mobile, you can view, analyze and act on all your analyses, dashboards, scorecards, reports, alerts and notifications on the go. Oracle Business Intelligence Mobile allows you to drill down reports, apply prompts to filter your data, view interactive formats on geo-spatial visualizations, view and interact with Dashboards, KPIs and Scorecards. You can save your analyses and Dashboards for offline viewing, and refresh them when online again; thus providing always-available access to the data you need. This app is compatible with Oracle Business Intelligence 11g, version 11.1.1.6.2BP1 and above. (Copy of the Vendor Homepage: http://www.oracle.com/technetwork/middleware/bi-foundation/bi-mobile-hd-1983913.html ) (Copy of the APP Homepage: https://itunes.apple.com/us/app/oracle-business-intelligence/id534035015 ) Abstract Advisory Information: ============================== The Vulnerability Laboratory Research Team discovered an application-side validation web vulnerability in the official Oracle Business Intelligence Mobile HD v11.1.1.7.0.2420 iOS web-application. Vulnerability Disclosure Timeline: ================================== 2014-10-27: Researcher Notification & Coordination (Benjamin Kunz Mejri - Evolution Security GmbH) 2014-11-01: Vendor Notification (Oracle Sec Alert Team - Acknowledgement Program) 2015-02-25: Vendor Response/Feedback (Oracle Sec Alert Team - Acknowledgement Program) 2015-04-15: Vendor Fix/Patch (Oracle Developer Team) 2015-05-01: Bug Bounty Reward (Oracle Sec Alert Team - CPU Bulletin Acknowledgement) 2015-05-06: Public Disclosure (Vulnerability Laboratory) Discovery Status: ================= Published Affected Product(s): ==================== Oracle Product: Business Intelligence Mobile HD 11.1.1.7.0.2420 Exploitation Technique: ======================= Remote Severity Level: =============== Medium Technical Details & Description: ================================ The Vulnerability Laboratory Research Team discovered an application-side validation web vulnerability in the official Oracle Business Intelligence Mobile HD v11.1.1.7.0.2420 iOS web-application. The vulnerability is located in the input field of the dasboard file export name value of the local save (lokal speichern) function. After the injection of a system specific command to the input field of the dasboard name the attacker is able to use the email function. By clicking the email button the script code gets wrong encoded even if the attachment function is activated for pdf only. The wrong encoded input of the lokal save in the mimeAttachmentHeaderName (mimeAttachmentHeader) allows a local attacker to inject persistent system specific codes to compromise the integrity of the oracle ib email function. In case of the scenario the issue get first correct encoded on input and the reverse encoded inside allows to manipulate the mail context. Regular the function is in use to get the status notification mail with attached pdf or html file. For the tesings the pdf value was activated and without html. The security risk of the filter bypass and application-side input validation web vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 3.8. Exploitation of the persistent web vulnerability requires a low privilege web application user account and low user interaction. Successful exploitation of the vulnerability results in session hijacking, persistent phishing, persistent external redirects, persistent load of malicous script codes or persistent web module context manipulation. Vulnerable Module(s): [+] Lokal speichern - Local save Vulnerable Parameter(s): [+] mimeAttachmentHeaderName (mimeAttachmentHeader) Affected Service(s): [+] Email - Local Dasboard File Proof of Concept (PoC): ======================= The application-side vulnerability can be exploited by local privilege application user accounts with low user interaction. For security demonstration or to reproduce the security vulnerability follow the provided information and steps below to continue. Manual reproduce of the vulnerability ... 1. Install the oracle business intelligence mobile hd ios app to your apple device (https://itunes.apple.com/us/app/oracle-business-intelligence/id534035015) 2. Register to your server service to get access to the client functions 2. Click the dashboard button to access 3. Now, we push top right in the navigation the local save (lokal speichern) button 4. Inject system specific payload with script code to the lokal save dashboard filename input field 5. Switch back to the app index and open the saved dashboard that as been saved locally with the payload (mimeAttachmentHeaderName) 6. Push in the top right navigation the email button 7. The mail client opens with the wrong encoded payload inside of the mail with the template of the dashboard 8. Successful reproduce of the security vulnerability! PoC: Email - Local Dasboard File <meta http-equiv="content-type" content="text/html; "> <div>"><[PERSISTENT INJECTED SCRIPT CODE!]"></x></div><div><br><br></div><br> <fieldset class="mimeAttachmentHeader"><legend class="mimeAttachmentHeaderName">"><"x">%20<[PERSISTENT INJECTED SCRIPT CODE!]>.html</legend></fieldset><br> Solution - Fix & Patch: ======================= The vulnerability can be patched by a secure restriction and filter validation of the local dashboard file save module. Encode the input fields and parse the ouput next to reverse converting the context of the application through the mail function. The issue is not located in the apple device configuration because of the validation of the mimeAttachmentHeaderName in connection with the email function is broken. Security Risk: ============== The security risk of the application-side input validation web vulnerability in the oracle mobile application is estimated as medium. (CVSS 3.8) Credits & Authors: ================== Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (bkm@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: ========================= The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases or trade with fraud/stolen material. Domains: www.vulnerability-lab.com - www.vuln-lab.com - www.evolution-sec.com Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com Section: magazine.vulnerability-db.com - vulnerability-lab.com/contact.php - evolution-sec.com/contact Social: twitter.com/#!/vuln_lab - facebook.com/VulnerabilityLab - youtube.com/user/vulnerability0lab Feeds: vulnerability-lab.com/rss/rss.php - vulnerability-lab.com/rss/rss_upcoming.php - vulnerability-lab.com/rss/rss_news.php Programs: vulnerability-lab.com/submit.php - vulnerability-lab.com/list-of-bug-bounty-programs.php - vulnerability-lab.com/register/ Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), modify, use or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) to get a permission. Copyright © 2015 | Vulnerability Laboratory - Evolution Security GmbH ™ -- VULNERABILITY LABORATORY - RESEARCH TEAM SERVICE: www.vulnerability-lab.com CONTACT: research@vulnerability-lab.com PGP KEY: http://www.vulnerability-lab.com/keys/admin@vulnerability-lab.com%280x198E9928%29.txt Source

Oracle has issued a patch to fix several bugs in its Hyperion Product Management financial consolidation and reporting application that could be remotely exploited by hackers. Oracle's Proactive Support team announced the fixes, confirming that they address a number of flaws in the Hyperion Planning 11.1.2.2.x part of the application. The company does not offer firm details about the patch to non-registered customers, and had not responded to V3's request for further details at the time of publishing. However, TK Keanini, chief technology officer at Lancope, told V3 that the user base and nature of data handled within Hyperion means customers should be concerned by the flaw. "If you are running this software, it contains up-to-date business intelligence that you must keep secure. So if you are running this software it is incredibly important to keep it up to date and patched," he said. ? "Ask yourself this: if the information in your Hyperion system was compromised and posted to the internet for all to see, would you be OK with that? ? "The problem most companies face is that they sometimes don't know what is running on their network and this is problem number one that must be solved." Keanini explained that companies should patch the remote access vulnerabilities as soon as possible, but added that he has yet to see any evidence of the flaws being actively exploited by hackers. "This is not just one vulnerability but several. The CVEs that have remote access are the most important to fix first," he said. ? "I have not [seen the flaws being exploited] but when data is published to the internet, it is not like attackers take the time to show their timeline and the provenance of the data. ? "This is always interesting data but also a dangerous indicator because it is a lagging indicator at best." The Hyperion patch is one of many critical fixes issued by Oracle this year. The firm released a critical update in January addressing 167 vulnerabilities across hundreds of its products, including Java. Source

Oracle’s first Critical Patch Update of the year arrived Tuesday with its usual volume, and some disturbing fanfare. Oracle admins today are staring at 169 patches on their collective plates across the company’s product line. One of the more pressing fixes is for a an issue in the Oracle E-Business Suite, a bundle of applications that includes CRM, financial, supply chain and project management software. Noted Oracle bug-hunter David Litchfield last June 11 alerted Oracle to a serious flaw that he said behaved like a backdoor, though he told Threatpost he did not believe it was an intentional backdoor such as one implanted by law enforcement or government. “Maybe, though, giving them the benefit [of the] doubt, it could be that some [developer] was testing something and they forgot to turn it off. Who knows? What is concerning however is that Oracle seem not to know who and why this privilege was granted, either,” Litchfield said via email. Litchfield released some details on the vulnerability, CVE-2015-0393, yesterday, explaining that the PUBLIC role in the database is granted INDEX privileges on the SYS table. This allows anyone to create an index in this particular table, Litchfield said. “By creating a function-based index an attacker can execute arbitrary SQL as the SYS user thus fully compromising the database server,” Litchfield said. “Anyone with a vulnerable eBusiness suite web server connected to the internet is potentially exposed to this as it is possible to chain multiple vulnerabilities to exploit this without a username and password.” Litchfield said there is no reason for PUBLIC to have INDEX privileges on the DUAL table, leading him to speculate that it’s either an intentional backdoor, or a result of poor coding. “My first thought was that this had possibly been left as a backdoor (because it can be trivially exploited to gain SYSDBA privileges) and was an indication that the database server had been compromised,” said Litchfield, who discovered the issue during a client engagement. “I communicated my fears to the client and they began an investigation to determine when the privilege had been granted and by who to ascertain the why. It turns out that no one had—this privilege is granted as part of a seeded install of Oracle eBusiness suite.” Litchfield confirmed that Oracle told him that its engineers looked at the bug and said there was “no indication of when or why the grants were originally added.” Oracle said in its CPU advisory that the vulnerability is not remotely exploitable and merited a criticality rating of 6.0 out of 10. “This has been addressed.” -Oracle spokesperson When asked for a comment, an Oracle representative sent Threatpost a link to the January Critical Patch Update and said: “This has been addressed,” referring to the Litchfield vulnerability. Oracle also announced that it was disabling the use of SSL 3.0, calling it an “obsolete protocol” that was only aggravated by the POODLE fallback vulnerability. Attacks against POODLE allow an attacker to take advantage of the fact that when a secure connection attempt fails, under some circumstances the Web server will fall back to an older protocol and try to renegotiate the secure connection. If the server supports SSLv3, an old protocol, and the attacker can force the failed connection attempt, the attacker can then execute a padding oracle attack against the server and eventually decrypt the contents of the secure connection. The company went a step further to recommend disabling SSL altogether in favor of TLS 1.2. “They should also expect that all versions of SSL be disabled in all Oracle software moving forward. A manual configuration change can allow Java SE clients and server endpoints, which have been updated with this Critical Patch Update, to continue to temporarily use SSL v3.0,” said Eric Maurice, Oracle software security assurance director. “However, Oracle strongly recommends organizations to phase out their use of SSL v3.0 as soon as possible.” As for Java, Oracle patched 19 vulnerabilities in the platform, 14 of those remotely exploitable, including a half-dozen rating either 9.3 or 10, the highest score on Oracle’s risk matrix. Four client-side vulnerabilities rated a 10, however, Oracle said the number of overall Java bugs continues to decline. In its last CPU, for example, Oracle patched 25 Java flaws, and last April it patched 37. “This relatively low historical number for Oracle Java SE fixes reflect the results of Oracle’s strategy for addressing security bugs affecting Java clients and improving security development practices in the Java development organization,” Maurice said. Oracle, meanwhile patched eight vulnerabilities in its flagship Oracle Database Server, none of them remotely exploitable, and none applicable to client-only installations. The only other highly critical bugs, scoring 10.0, were found in Oracle Sun Systems Fujitsu M10-1, M10-4 and M10-4S servers. Source

Oracle has released a critical patch update fixing 167 vulnerabilities across hundreds of its products, warning that the worst of them could be remotely exploited by hackers. The pressing fixes involve several of Oracle's most widely used products and scored a full 10.0 rating on the CVSS 2.0 Base Score for vulnerabilities, the highest score available. "The highest CVSS 2.0 Base Score for vulnerabilities in this critical patch update is 10.0 for Fujitsu M10-1 of Oracle Sun Systems Products Suite, Java SE of Oracle Java SE, M10-4 of Oracle Sun Systems Products Suite and M10-4S Servers of Oracle Sun Systems Products Suite," read the advisory. "Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply critical patch update fixes as soon as possible." Oracle warned that the updates for Fujitsu M10-1 of Oracle Sun Systems Products Suite are particularly important. "This critical patch update contains 29 new security fixes for the Oracle Sun Systems Products Suite," the advisory said. "Ten of these vulnerabilities may be remotely exploitable without authentication [and] may be exploited over a network without the need for a username and password." The Oracle Java SE update fixes 19 flaws, 14 of which were also remotely exploitable. The next most serious flaws relate to Oracle's Fusion Middleware, which received 35 security fixes. The worst carries a 9.3 rating and could also be remotely exploited. The update follows reports that hackers are targeting enterprise companies with malware-laden patches purporting to come from Oracle. The news comes during a period of heated debate about patching best practice. Microsoft announced plans on 9 January to stop offering non-paying customers advanced patch notifications. The announcement led to a backlash in the security community, many feeling that the move is a money-grabbing tactic by Microsoft. Prior to the move, Microsoft came to blows with Google over the search firm's public disclosure of a Windows bug. Google Project Zero researchers publicly disclosed the bug in December 2014 having privately reported it to Microsoft in September. The move led to a debate about what constitutes responsible threat disclosure. Source

Despre: "Join the most important event dedicated to the Java community in Romania, organized by Oracle in collaboration with Bucharest Java User Group and Java partners. Discover how Java can increase your developer productivity so you can build the next generation of advanced applications that power the world. Java is the foundation for virtually every type of networked application and is the global standard for developing and delivering mobile applications, games, Web-based content, and enterprise software. With more than 9 million developers worldwide, Java enables you to efficiently develop and deploy exciting applications and services. With comprehensive tooling, a mature ecosystem, and robust performance, Java delivers applications portability across even the most disparate computing environments. The Java EE platform offers enterprise developers the opportunity to deliver today’s Web applications with the greatest efficiency, flexibility, and ease of development. After 13 years offering business critical applications for thousands of companies, Java EE remains ahead of the pack as an enterprise application and deployment platform. As the industry standard for enterprise computing, Java EE enables developers to take advantage of the emerging usages, patterns, frameworks, and technologies of the enterprise space. Developing enterprise applications has never been easier. Register online now for this FREE event." Agenda: Part 1 (15:00 - 18:30) 15:00 - 15:30 Registration & Welcome coffee 15:30 - 16:15 Keynote: Java Enterprise Edition - State of the Union ; Speaker: David Delabassee, Java Principal Product Manager, Oracle 16:15 - 16:45 Romanian Java User Groups Community Perspective BJUG after 1+ years ; Speaker: Ioan Eugen Stan, Co-Founder, Bucharest Java User Group (BJUG) 16:45 - 17:00 Coffee Break 17:00 - 17:30 Web controlled Raspberry Pi Car using Java ; Speaker: Bogdan Craciun, Software Architect SIVECO Romania 17:30 - 18:00 Large scale enterprise application development with the Java EE technology stack ; Speaker: Marius Harpau, Java Architect Endava 18:00 - 18:30 “Weblogic 12c - What's new?” “Productivity in the Cloud with Oracle Application Development Framework (ADF) 18:30 - 19:00 Social Break - Refreshments Part 2 (19:00 - 21:00) Monthly Bucharest JUG Event Edition #15 - JUG Bucure?ti - Pagina Principal? 19:00 - 20:00 Java EE 7 overview ;Speaker: David Delabassee, Java Principal Product Manager, Oracle 20:00 - 21:00 The Future starts with a Promise ; Speaker: Alexandru Nedelcu, Software Engineer / Tech Lead at Epigrams Data si ora: Aug 29, 2013 03:00 PM - 09:00 PM ; Locatia: AFI Cotroceni – Cinema City BD. Vasile Milea 4 Bucharest Romania -- Daca nu ati citit tot, evenimentul este "Free", va puteti inregistra aici.

Prezentare " In ultimii 20 de ani, in cadrul fiecarei industrii si al oricarei economii, mediul de afaceri a fost supus unor transformari dramatice. Companiile manufacturiere se transforma in companii de servicii manufacturiere,agentiile guvernamentale se transforma in asa fel incat sa poata oferi servicii cetatenilor, iar companiile de retail se transforma in vederea asigurarii de servicii de retail sociale. Aceste transformari au creat atat pentru clienti cat si pentru angajati o intreaga experienta digitala conducand organizatia catre o noua arhitectura IT in ceea ce priveste securitatea. Noile aplicatii vor fi mai bine construite in mediul Cloud decat on-premise iar interactiunea va fi mobila, accesibila si sociala. Afacerile care se vor transforma conform acestui model vor avea nevoie sa isi protejeze clientii sis a le castige increderea oferindu-le astfel o experienta sigura. Pe parcursul acestui eveniment veti putea vedea cum companiile IT pot sa isi securizeze datele in mediul Cloud, sa experimentati interactiunea mobila si sociala folosind strategii de securitate avansate si de asemenea cum sa aplicati o abordare in conformitate cu reglementarile in vigoare folosind arhitectura mobila si sociala in conditii de securitate. Va invitam alaturi de noi, miercuri 24 iulie, la un seminar exclusiv de securitate, pentru a afla cum cele mai recente progrese ale Oracle, privind managementul de identitate si de securitate a datelor, va pot ajuta sa va imbunatatiti solutiile de securitate in IT, in conformitate cu reglementarile in vigoare si reducandu-va in acelasi timp costurile. Nu pierdeti ocazia de a socializa cu colegii dvs., de a va impartasi ideile si de a discuta cu expertii Oracle despre extinderea infrastructurii IDM si politicile de securitate in carul noii experiente digitale! Inregistrati-va online pentru acest eveniment gratuit. Pentru detalii suplimentare: Andra Duta: +4 021 212 01 41, andra.duta@results.ro Va asteptam cu drag, Echipa Oracle. " Agenda 10:00 - 10:30 - Inregistrare participanti si cafea 10:30 - 10:35 - Cuvant de bun venit 10:35 - 11:35 - Securing The New Digital Experience by Katerina Kalimeri, CISSP Security Solution Architect, Oracle EE&CIS Enterprise Security 11:35 - 11:45 - Studiu de caz by Katerina Kalimeri, CISSP Security Solution Architect, Oracle EE&CIS Enterprise Security 11:45 - 12:20 - Demo: Securing The Mobile and Social Interaction Demo by Katerina Kalimeri, CISSP Security Solution Architect, Oracle EE&CIS Enterprise Security 12:20 - 12:30 - Intrebari si raspunsuri 12:30 - 13:30 - Masa de pranz Date despre eveniment: miercuri, 24 iulie 2013 10:00 – 13:30 Oracle office CVC5, Calea Floreasca 169 A, corp B, etaj 1 Bucuresti, Romania sursa

A mixed bag: new and old/ attack and defense/ for developers, managers, testers/ PHP, AJAX, Rails, Java, .NET, Oracle etc. Ajax Security [2007] Apache Security [2005] Applied Oracle Security: Developing Secure Database and Middleware Environments [2009] BackTrack 4: Assuring Security by Penetration Testing [2011] Beginning ASP.NET Security [2010] Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management [2005] Cracking Drupal: A Drop in the Bucket [2009] Developer's Guide to Web Application Security [2007] E-Commerce: A Control and Security Guide [2004] Enterprise Web Services Security [2005] Essential PHP Security [2005] Expert Web Services Security in the .NET Platform [2004] request download ticket | ifile.it --- Google Hacking for Penetration Testers [2005] Google Hacking for Penetration Testers, Volume 2 [2007] Hacker Web Exploitation Uncovered [2005] Hacking Exposed Web 2.0 [2007] Hacking Exposed Web Applications, 3rd Edition [2011] HackNotes Web Security Pocket Reference [2003] Hack Proofing ColdFusion [2002] Hack Proofing Your E-Commerce Site [2001] Hack Proofing Your Web Applications [2001] How to Break Web Software: Functional and Security Testing of Web Applications and Web Services [2006] Implementing Database Security and Auditing: Includes Examples for Oracle, SQL Server, DB2 UDB, Sybase [2005] Joomla! Web Security [2008] Mastering Web Services Security [2003] ModSecurity 2.5 [2009] ModSecurity Handbook [2010] Oracle Security [1998] php architect's Guide to PHP Security [2005] Practical Oracle Security: Your Unauthorized Guide to Relational Database Security [2007] request download ticket | ifile.it --- Preventing Web Attacks with Apache [2006] Pro PHP Security: From Application Security Principles to the Implementation of XSS Defenses, Second Edition [2010] Secure E-Government Web Services [2005] Securing PHP Web Applications [2009] Security for Web Services and Service-Oriented Architectures [2009] Security Fundamentals for E-Commerce [2002] Security on Rails [2009] Security Technologies for the World Wide Web, Second Edition [2002] Seven Deadliest Web Application Attacks [2010] SQL Injection Attacks and Defense [2009] SQL Server Security Distilled [2004] SSL & TLS Essentials: Securing the Web [2000] The Oracle Hacker's Handbook: Hacking and Defending Oracle [2007] The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws [2007] The Database Hacker's Handbook: Defending Database Servers [2005] Web 2.0 Security - Defending AJAX, RIA, AND SOA [2007] Web Application Vulnerabilities: Detect, Exploit, Prevent [2007] Web Hacking: Attacks and Defense [2002] Web Security, Privacy and Commerce, 2nd Edition [2002] Web Security Testing Cookbook: Systematic Techniques to Find Problems Fast [2008] Web Services Security [2003] XML Security [2002] XSS Exploits and Defense [2007] request download ticket | ifile.it

Pentru cei ce dau quizuri SQL la scoala pentru acea diploma oracle-shit. linux/windows/mac ©miN 2012 V-ati saturat sa tot selectati tabul cu google, sa dati copy paste la intrebare, apoi sa alegeti un site relevant, apoi sa gasiti intrebarea, apoi sa-i cautati raspunsul, sa-l alegeti dupa sau dupa cum vine pus in pagina si apoi sa va intoarceti la tabul cu quizul deschis si apoi sa bifati si acolo raspunsul corect ? Cu acest soft e nevoie doar de un simplu Ctrl-C Ctrl-V si dupa ce dati enter in mai putin de o secunda primiti raspunsul corect. Scriptul poate fi foarte usor adaptat si la altfel de perechi intrebare-raspuns(uri), singurul lucru ce trebuie modificat (adaugat) este functia de parsare a paginii cu intrebarea identica gasita acolo, astfel incat sa poata extrage raspunsul de sub intrebare cu un anumit model codat de voi desigur. Chiar daca nu va intereseaza niciuna din cele de mai sus, softul este robust, bine pus la punct, cod clar si comentat, logica in ordinea actiunilor si este un foarte bun exemplu pentru amatorii de programare concurenta si legatura minima de 0-dependenta intre interfata-motor desi exista sincronizari primitive live. [Python] oaf - Pastebin.com #! /usr/bin/env python # Oracle Answer Finder # 02.05.2012 cmiN from Tkinter import * from urllib2 import build_opener, HTTPError, URLError from urlparse import urlparse from threading import Thread, Event from socket import setdefaulttimeout, timeout # constants SMAX = 8 # maximum number of results DIFF = 512 # how many chars to skip until the answer TOUT = 2 # timeout in seconds class GUI(Frame): def __init__(self, master=None, margin=10): Frame.__init__(self, master) self.app = Engine() # main app self.thread = None # Thread object used for parallel processing self.master.title("OAF - cmiN") self.grid(padx=margin, pady=margin) self.widgets() self.mainloop() def callback(self, event): """What happens after you press Enter in Question's entry.""" # get and edit question qon = self.app.edit_qon(self.qEntry.get()) if self.thread: # if it was initialized before # check question if qon == self.app.qon[0]: # same question (no reset) if self.thread.is_alive(): # let it finish return else: self.app.data = "" # empty buffer self.app.dataLen = 0 else: # another if self.thread.is_alive(): self.app.stop() self.thread.join() self.app.reset() # reset everything # set question self.app.set_qon(qon) # process data self.thread = Thread(target=self.app.process) self.thread.start() # no return def widgets(self): # variables self.statusVar = StringVar(value="Ready.") # passed to Thread class for live updating #self.ansVar = StringVar() # same thing, but for answer self.app.statusVar = self.statusVar #self.app.ansVar = self.ansVar # label-entry pairs self.qLabel = Label(self, text="Question:") self.qEntry = Entry(self, width=100) self.aLabel = Label(self, text="Answer:") #self.aEntry = Entry(self, width=100, textvariable=self.ansVar) self.qLabel.grid(row=0, column=0, sticky="w") self.qEntry.grid(row=1, column=0) self.aLabel.grid(row=2, column=0, sticky="w") #self.aEntry.grid(row=3, column=0) # status widget self.sLabel1 = Label(self, text="Status:") self.sLabel2 = Label(self, width=86, textvariable=self.statusVar, relief="sunken", bd=2, anchor="c") self.sLabel1.grid(row=4, column=0, sticky="w") self.sLabel2.grid(row=5, column=0, sticky="w") # text instead entry for answer self.ansText = Text(self, width=75, height=10) self.ansText.grid(row=3, column=0) self.app.ansText = self.ansText # make it available to the engine # behavior self.qEntry.bind("<Return>", self.callback) self.qEntry.bind("<KP_Enter>", self.callback) class Engine: def __init__(self): setdefaulttimeout(TOUT) self.opener = build_opener() self.opener.addheaders = [("User-agent", "Mozilla/5.0")] self.qon = ["", ""] # question self.data = "" # data contain the question [and answer] self.dataLen = 0 # data length self.start = 0 # google first result self.first = "url?q=" # from self.second = "&amp" # to self.seen = set() # evidence of visited links self.statusVar = None # through this set status self.ansVar = None # through this set answer if available self.ansText = None # almost same shit self.__stop = Event() # stop the process self.upEvent = Event() # solve the deadlock self.upEvent.set() # means it's safe (.wait will wait until .set is called or .is_set() is True) def update(self, status, answer): """Here is a fucking deadlock, when the same function is called simultaneously.""" self.upEvent.wait() # wait to be setted self.upEvent.clear() # make it busy # do your ugly things if hasattr(self.statusVar, "set") and hasattr(self.statusVar, "get"): self.statusVar.set(status) self.statusVar.get() # just to make sure the update finished if hasattr(self.ansVar, "set") and hasattr(self.ansVar, "get"): self.ansVar.set(answer) self.ansVar.get() if hasattr(self.ansText, "insert") and hasattr(self.ansText, "delete"): self.ansText.delete(0.0, END) self.ansText.insert(0.0, answer) self.upEvent.set() # make it available def stop(self): self.update("Stopping...", "") self.__stop.set() def stopped(self): return self.__stop.is_set() def reset(self): self.__stop.clear() self.start = 0 self.seen = set() #self.update("Ready.", "") def edit_qon(self, qon): return qon.strip().split("\n")[0] # idiot proof def set_qon(self, qon): """Set question.""" self.qon[0] = qon self.qon[1] = '"' + self.qon[0].replace(" ", "+") + '"' def find(self): """Find links corresponding to query using google. Returns: 0 -> match, link extracted, data updated 1 -> no match for exact string 2 -> url already visited or invalid url 3 -> banned 4 -> maximum number of results exceeded """ if self.start >= SMAX: return 4 link = "http://www.google.com/search?q={}&start={}".format(self.qon[1], self.start) try: fobj = self.opener.open(link) except HTTPError: self.update("Google banned you.", "") return 3 except timeout: self.update("Timed out or Google banned you.", "") return 3 else: data = fobj.read() # google's source fobj.close() # find a relevant closest position to the link index1 = data.find(self.first) if index1 == -1: # no results in page or modified pattern return 1 # invalid source self.start += 1 # now do the increment index1 += len(self.first) index2 = data.find(self.second, index1) url = data[index1:index2] # edit url newurl = "" i = 0 length = len(url) while i < length: if url[i] == "%": char = chr(int(url[i + 1] + url[i + 2], 16)) i += 2 else: char = url[i] newurl += char i += 1 url = newurl # process it if url in self.seen: # link already visited return 2 self.seen.add(url) upo = urlparse(url) self.update("Looking in %s..." % upo.netloc, "") try: fobj = self.opener.open(url) except URLError: self.update("Invalid link.", "") return 2 except timeout: self.update("Timed out.", "") return 3 else: self.data = fobj.read() self.dataLen = len(self.data) fobj.close() return 0 # all fine def check(self, old, index): if index < 0 or index >= self.dataLen: return False # invalid index if abs(old - index) > DIFF: return False # too far return True # ok def get_star(self, index): """Find the line with . Returns: str -> good answer False -> invalid answer or couldn't find """ ansNr = 1 # default answers (for multiple ones) chunk = "(Choose " firstTag = self.data.find("<", index) chunkIndex = self.data.find(chunk, index, firstTag) if chunkIndex != -1: chunkIndex += len(chunk) number = "" while self.data[chunkIndex] != ")": number += self.data[chunkIndex] chunkIndex += 1 number = number.strip().lower() if number == "two": ansNr = 2 elif number == "three": ansNr = 3 elif number == "four": ansNr = 4 # i don't think this actually exists star = "(*)" last = index ans = "" while ansNr: index = self.data.find(star, last) - 1 last = index + 1 + len(star) if index < 0: return False # invalid answer type # ok now we're good old = index while True: tag = True while self.data[index] != ">": if tag and self.data[index].isspace(): index -= 1 continue if tag: ans = "\n" + ans tag = False # found alphanumeric ans = self.data[index] + ans index -= 1 if not self.check(old, index): return False ans = ans.strip() if tag and len(ans) > 0: break while self.data[index] != "<": index -= 1 index -= 1 ansNr -= 1 ans = "\n" + ans return ans.strip() def get_single(self, index): """Line with single answer. Returns: str -> good answer False -> invalid answer or couldn't find """ new = True # first answer (if multiple) ans = "" smooth = 1 # tag number difference while True: old = index # go to the first tag while self.data[index] != "<": index += 1 if not self.check(old, index): return False # no skip all of them nrTag = 0 while self.data[index] == "<": while self.data[index] != ">": index += 1 index += 1 nrTag += 1 # add tag if not self.check(old, index): return False if new: new = False # not new anymore model = nrTag if abs(nrTag - model) > smooth: break # no incoming answers to this question while self.data[index] != "<": ans += self.data[index] index += 1 if not self.check(old, index): return False # add separator (don't worry, we will strip it at the end) ans = ans.strip() + "\n\n" ans = ans.strip() if ans == "": return False # empty one return ans def process(self): """Try to find answers to quiz questions by searching them on google. Format string, search it on google, locate first %d results, then search among them for patterns (question<>...<>answer<> or question<>answer...<>). Returns: str -> answer found (or false positive) 1 -> invalid/inexistent question (or google invalid source pattern) 2 -> answer not found (or different search pattern) 3 -> stopped 4 -> banned """ % SMAX ret = 0 # virtual return while True: if self.stopped(): return 3 # stopped if ret == 1: self.update("Invalid question.", "") return 1 # invalid question elif ret == 2: # already seen or invalid ret = self.find() continue elif ret == 3: return 4 # timed out or banned (too many queries) elif ret == 4: self.update("Nothing found.", "") return 2 # not found index = self.data.find(self.qon[0]) if index >= 0: #index += len(self.qon[0]) # conflict with star (need some data from question) ans = self.get_star(index) if not ans: ans = self.get_single(index) if ans: self.update("Answer found!", ans) return ans # string ok ret = self.find() if __name__ == "__main__": GUI(Tk()) Dupa ce consider ca nu da gres deloc si nu face vreo faza prea ciudata (in limita bunului simt al utilizatorului) inghet versiune cu executabil pentru windows, deocamdata raportati-mi buguri, critici si pareri, totusi daca nu aveti rabdare sa va puneti Python si pe alte masini puteti sa va rezolvati foarte repede cu cx_Freeze. Nou! Daca nu va place raspunsul primit mai puteti apasa o data enter la aceeasi intrebare si el va cauta prin urmatoarele rezultate dupa un nou raspuns. In timp ce cauta daca schimbati intrebarea si dati iar enter atunci ii da un semnal sa inceteze cautarea curenta si apoi trece la cea noua (experimental, mai ingheata uneori (deadlocks)). V-am promis si versiunea portabila pentru windows: box gf

Oracle Database 11g Release2 Unix/Solaris In acest tutorial voi descrie pasii care trebuie facuti pentru a instala Oracle Database.Acest database vine in 4 release diverse: -Enterprise Edition -Standard Edition -Standard Edition One -Express Edition (free) Dintre toate acestea Express Edition poate fi instalat doar in Linux sau in Windows. In acest tutorial ma voi concentra asupra Oracle Database 11g Release2 Enterprise Edition .Acest release suporta diverse platforme Unix/Linux/Windows In acest tutorial voi explica pasii care trebuie facuti pentru a instala acest database intrun sistem Unix/Solaris. Aceasta versiune de database 11g Release2 suporta o noua optiune de instalare si anume Oracle RAC One Node ( care permite sa rulezi mai multe instante RAC intrun singur nod de cluster)De obicei initial Oracle RAC a fost creat sa ruleze in multi-node cu instante separate alocate pe servere separate.One Node RAC in schimb reuseste sa ruleze instante multiple intrun singur nod de cluster iar realocarea instanstantelor in cazul in care merg in crash se face folosind Omotion care este defapt un utility care faciliteaza realocarea. Probabil voi reveni cu diverse alte articole in lagatura cu sistemul de clustering Oracle dar in acest tutorial voi continua cu Oracle database.Oricum daca sunteti interesati sa vedeti cum functioneaza puteti accesa paginile de manual online pe site-ul oficial ORACLE. Inainte de a instala database-ul sistemul va trebui configurat Memoria: Sistemul necesita o memorie de minim un gb de RAM , si jumatate de gb de swap In cazul in care exista sistemul are mai mult de 2 ram , memoria swap va trebui sa fie egala cu memoria ram. Pentru a verifica memoria ram [blade]# prtconf | grep "Memory size" Memory size: 3072 Megabytes Dupa cum am spus voi instala database-ul intrun sistem Sparc deci pentru a cunoaste tipul procesorului si a sistemului se poate folosi isainfo . [blade]# isainfo -kv 64-bit sparcv9 kernel modules Alocare spatiu disk Aici ar trebui luate in considerare urmatoarele: Aprox 2Gb installer+preconfig Aprox 6Gb database after install Aprox 500 Mb pentru TMP Necesita si cateva pachete , pentru a vedea daca sunt instalate pkginfo poate fi de ajutor [blade]# pkginfo -i SUNWarc SUNWbtool SUNWhea SUNWlibC SUNWlibms SUNWsprot SUNWtoo SUNWi1of SUNWi1cs SUNWi15cs SUNWxwfnt system SUNWarc Lint Libraries (usr) system SUNWbtool CCS tools bundled with SunOS system SUNWhea SunOS Header Files system SUNWi15cs X11 ISO8859-15 Codeset Support system SUNWi1cs X11 ISO8859-1 Codeset Support system SUNWi1of ISO-8859-1 (Latin-1) Optional Fonts system SUNWlibC Sun Workshop Compilers Bundled libC system SUNWlibms Math & Microtasking Libraries (Usr) system SUNWsprot Solaris Bundled tools system SUNWtoo Programming Tools system SUNWxwfnt X Window System platform required fonts In cazul in care nu gaseste un pachet instalat , va da oroare ERROR: information for "SUNWnumepachet" was not found In Solaris 10 probabil nu va gasi 2 pachete SUNWi1cs si SUNWi15cs, pot fi instalate direct din dvd-ul de installare folosind pkgadd.Atentie folosind pkgadd intrun sistem cu mai multe zone va instala pachetele in toate zonele virtuale.Folosind optiunea -G pachetele vor fi instalate doar pe nodul fizic.Evident eu am instalat pachetele in ambele sisteme global si virtual.Sistemul in care voi instala oracle are deja o zona virtualizata. O data montat dvd-ul pachetele pot fi gasite in /cdrom/sol_10/Product Note : Pentru a monta un device extern de tipul dvd sau usb in solaris 10 va trebui sa faceti stop la volume management /etc/init.d/volmgt stop Pentru a face un discovery folositi rmformat [blade]# rmformat Looking for devices... 1. Logical Node: /dev/rdsk/c0t2d0s2 Physical Node: /pci@1e,600000/ide@d/sd@2,0 Connected Device: JLMS XJ-HD166S D3S4 Device Type: DVD Reader 2. Logical Node: /dev/rdsk/c1t0d0s2 Physical Node: /pci@1e,600000/usb@b/storage@2/disk@0,0 Connected Device: SanDisk U3 Cruzer Micro 8.01 Device Type: Removable [blade]# Daca nu opriti serviciul volmgt nu veti vedea discul. O data ce discul a fost gasit se poate monta oriunde in sistem mount -F hsfs -o ro /dev/dsk/c0t2d0s2 /mountpoint Asadar se pot instala pachetele care lipsesc pkgadd -d /cdrom/sol_10/Product numepachet numepachet etc Pentru alocarea spatiului eu am decis sa ii dau un minim de 20 gb intrun slice Asadar am creat un slice de 20gb pe care am creat un zpool c0tr04d0s4. Pentru a prepara spatiul folosind ZFS : 1.Se creaza un slice folosind format care va fi alocat (poate fi un disk sau doar o partitie) c0t0d0s4 2.Se creaza un zpool zpool create datazone c0t0d0s4 3.Se creaza un spatiu (filesystem pentru user) zfs create datazone/home zfs create datazone/home/oracle Intrun final totul va arata cam asa: [blade]# zfs list NAME USED AVAIL REFER MOUNTPOINT datazone 172K 19.6G 32K /datazone datazone/home 63K 19.6G 32K /datazone/home datazone/home/oracle 31K 19.6G 31K /datazone/home/oracle Crearea grupului, user-ului pentru a instala si folosi database-ul groupadd oinstall && groupadd dba useradd -d /datazone/home/oracle -m -s /bin/ksh oracle Note : Puteti folosi oricare alt shell in solaris 10 , e disponibil si bash dar eu prefer KornShell deoarece e mult mai performant (parerea mea) Adasar vor trebui create directoarele unde se va instala database-ul mkdir -p /datazone/home/oracle/product/11/db && mkdir /datazone/home/oracle/tmp Se vor atribui drepturile de ownership asupra ierarhiei de directoare user-ului oracle chown -R oracle:oinstall /datazone/home/oracle Userului oracle i se va atribui un password passwd oracle Se va crea un fisier .profile pentru userul oracle care va fi populat cu uramtoarele date ###BEGIN ###Database required export ORACLE_BASE=/datazone/home/oracle export ORACLE_HOME=$ORACLE_BASE/product/11/db export PATH=$ORACLE_HOME/bin:$PATH export TMP=/datazone/home/oracle/tmp export TMPDIR=/datazone/home/oracle/tmp export ORACLE_UNQNAME=database_name export ORACLE_SID=database_name ###Korn shell customization EDITOR=vi export EDITOR set -o vi HISTSIZE=10000 HISTFILE=$ORACLE_BASE/.ksh_history export HISTFILE export HISTSIZE PS1="[oracle]> " ###END Note: Fisierul ar trebui sa contina si variabila DISPLAY , dar eu voi face X forwarding in ssh pentru a instala database-ul deoarece procesul de instalare are o interfata grafica , in mod divers se poate face export la display daca va aflati in fata serverului si aveti un monitor "export DISPLAY=:0.0".Desi nu prea cred ca un Netra Sparc sau un Blade Sun parcat intrun Data Center are tastiera si mouse , nu e exclus oricum. Se va crea o partitie de swap Note: In ZFS sintaxa e putin diversa , oricum voi crea 2 GB de swap iar pe parcurs o voi extinde daca va fi necesar Avand in vedere faptul ca serverul are 3GB de ram ar trebui alocat si 3 GB de swap si cred ca installer-ul va face print cu un error dar vom face skip pentru a extinde memoria post install daca este necesar (Aici am luat o decizie personala de a face asa dar in teorie ar trebui alocat 3 gb de swap) Crearea partitiei pt swap zfs create -V 2G datazone/home/oracle/ora_swap Activarea partitiei swap swap -a /dev/zvol/dsk/datazone/home/oracle/ora_swap List swap [blade]# swap -l swapfile dev swaplo blocks free /dev/dsk/c0t0d0s1 136,9 16 1056704 1054880 /dev/zvol/dsk/datazone/home/oracle/ora_swap 256,1 16 4194288 4194288 Modificari la nivel de system Desi se pot face folosind diverse SMF utility in solaris 10 , voi modifica fisierele precum vine scris in manual. Daca vin modificate manual bineinteles va trebui facut un fel de refresh pentru a fi citite si aici vom face un reboot.In unele servere nu se poate face reboot si vor trebui adoptate metodele care vor face aceste modificari in HOT level fara reboot. projadd -U oracle -K "project.max-shm-memory=(priv,2g,deny)" oracle projmod -sK "project.max-sem-nsems=(priv,256,deny)" oracle projmod -sK "project.max-sem-ids=(priv,100,deny)" oracle projmod -sK "project.max-shm-ids=(priv,100,deny)" oracle echo "set maxuprc=16384" >> /etc/system echo "set max_nprocs=30000" >> /etc/system echo "set shmsys:shminfo_shmmax=3221225472" >> /etc/system projadd administreaza proiectele in system si sintaxa pe care em folosito este sa creeze un nou proiect pentru user-ul oracle unde i-am oferit un maxim shared memory de 2 gb.Folosind projmod nu necesita reboot ci doar un log-out a user-ului.Modificarile asupra fisierului /etc/system necesita reboot desi eu nu as numi reboot in Unix deoarece sistemul nu face shutdown ci doar un INIT restart deci nu e un reboot ca in sistemele Windows. Ar putea fi folosit un modular debugger mdb pentru a modifica valorile dar vred ca e mai complicat si nu toti ar itelege cum functioneaza. maxuprc - Maximum number of processes that can be created on a system by any one user. max_nprocs - Maximum number of processes that can be created on a system. shmsys:shminfo_shmmax - Maximum size of system V shared memory segment that can be created. (e doar o valoare care exprima un maxim nu face memory alocation) Dupa aceste configurari se va face reboot Readuc aminte reboot in unix face doar un kernel restart Citez din man pages Daca totul a fost configurat bine se poate incepe cu instalarea database-ului.Se va face login cu user-ul oracle deoarece installer-ul necesita ca user-ul sa nu fie root Se creaza un director temporar pt installer mkdir /datazone/home/oracle/installetion Se vor copia fisierele descarcate sub acest director [blade]# mv database/ /datazone/home/oracle/installation/ Pentru a instala din remote se va face ssh cu optiunea -X (X forwarding) Asadar vom avea display-ul pe un computer extern. ssh -X oracle@blade Pentru a porni procesul de instalare a database-ului [oracle]> cd installation/database/ && ./runInstaller De aici inainte procesul de instalare este interactiv , asadar am facut un slide cu imagini Oracle Database 11g Release2 installer screenshots O data terminata instalarea se poate configura database-ul dar acest lucru nu mai face parte din acest topic.Daca aveti intrebari , nedumeriri sunteti liberi sa le faceti.E interesanta structura prin care functioneaza un database oracle din punct de vedere client server.Probabil ve-ti gasi greseli de exprimare , faceti un report la adresa mea de mail le voi corecta.Daca va intrebati ce rost ar avea un tutorial de instalare a unui db pe un forum de hacking , ei bine cu cat cunosti mai bine piesele din puzzle cu atat mai repede temini figura si ar fi stupid sa distrugi ceea ce nu reusesti sa creezi.

Dupa cum v-am invitat in acest topic sa semna?i peti?ia pentru ca MySql s? r?mîn? independent de Oracle continui gîndul cu o alt? ?tire peste care to?i au trecut cu privirea. ?i anume, A inceput "înghi?irea" a lui SUN de c?tre Oracle convince?iv? singuri, chiar ?i cei ce nu credeau vor începe a crede... The Future of Kenai.com - Project Kenai Sper c? macar în Europa s? nu s? se g?seasca mul?i cretini care s? decid? asupra afacerii Oracle/SUN ca în SUA.