There are many useful SystemTap scripts out there that can be used for troubleshooting performance problems or other tasks. In some cases it could be handy to extend them with session information to have a better picture of what’s going on. Based on my previous work in "Dynamic tracing tools: Easier access to session/process address [ksupga_]", here are some examples:
Here is a vulnerability I recently discovered inside the CDBView package (Create the cdb view) on my Database Patch Set Update: 188.8.131.52.161018 (24006101). The package is granted to the “EXECUTE_CATALOG_ROLE” role by default.
The package is not even wrapped, but this is not a problem as we can easily unwrap it anyway:
This is my third blog post about DB Link encryption/decryption. In the first one I demonstrated how we can find the database link password in clear text using GDB and Intel Pin tools. In the second one I gave more information about how it was encrypted/decrypted (AES in CBC encryption mode). It’s now time to reverse engineer it!
In one of my previous posts I showed a way to recover the DB Link password in case we forgot it, but I haven’t given any information on how it was encrypted/decrypted. So here is some info that may be helpful for future work, such as writing a bunch of PL/SQL code to decrypt the password without the need for other tools (as in previous release).
I just published a blog post on how to get the Oracle database link password if for some reason we have forgotten it. Brian Fitzgerald responded to me with:
@Hatem__Mahmoud if you can trace listener across fork, you can get anyone’s password
— Brian Fitzgerald (@ExaGridDba) November 16, 2016
Indeed this is a very good point! And here is how we can do that using GDB:
This blog post is motivated by a conversation with Frits Hoogland on his great blog post "The curious case of the missing semctl call" about how he managed to find a useful memory address (suspecting a fixed SGA variable) used by a process in his investigation. So here I will show how we can easily generate a trace of all, or a range of, memory addresses referenced by a program with an acceptable overhead.