CVE-2012-3137 PoC — Oracle Database 隐形密码破解漏洞

Source

https://github.com/r1-/cve-2012-3137

Associated Vulnerability

Title:Oracle Database 隐形密码破解漏洞 (CVE-2012-3137)
Description:Oracle Database是美国甲骨文（Oracle）公司的一套关系数据库管理系统。该数据库管理系统提供数据管理、分布式处理等功能。 Oracle Database 11g 1和2版本中的身份认证协议中存在漏洞。远程攻击者可利用该漏洞获取任意用户的会话密钥和SALT。导致泄漏密码哈希，使得其更容易遭到暴力破解密码猜测攻击（注：Oracle SALT=Oracle Service Architecture Leveraging Tuxedo，是一种用来构建网络引用服务的服务组件）。

Description

Exploit for cve-2012-3137 Oracle challenge

File Snapshot


 [4.0K]  /data/pocs/997c13b95f2c5e1ba3f3ffd381108ba46e8a5379
└── [ 36K]  cve-2012-3137.py

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!