Recently in Database Security Category

More Metasploitin' - My first module.

By Rory2 on June 14, 2009 11:30 AM | No Comments | No TrackBacks

I thought I'd have a shot at writing a quick metasploit module as a good way to get to know the framework a bit better. I'm basing this on a project I did for my GSOC gold where I wrote a POC oracle security scanner in ruby called rorascanner. Seems like a good idea to move the checks I was doing there into a metasploit module.

At the moment its very rough and just basically carries out a series of SQL queries (based on mc's Oracle module) and dumps the results out to a file for later use. I thought it could be useful for people wanting to quickly get some data out of the database for later analysis (kinda' like winenum).

Anyway code is here . Any thoughts suggestions welcome :)

Database expert: Oracle behind Microsoft on patch management - Network World

By Rory2 on March 13, 2008 6:35 PM | 2 Comments | No TrackBacks

http://www.networkworld.com/news/2008/031308-database-expert-oracle-behind-microsoft.html?fsrc=rss-security

Interesting to see someone have a shot a putting numbers on how far Oracle are behind Microsoft in the database security arena (well secure features as opposed to security features anyway). The number that they come up with is 5 years...

Assuming that nothing turns up soon it actually looks like SQL Server 2005 will go through it's whole product lifecycle without a published vulnerability. Secunia are currently showing it affected by 0 vulnerabilities.

« Cryptography | Main Index | Archives | E-Mail Security »

Categories

Monthly Archives

Pages

Powered by Movable Type 4.32-en

Search

About this Archive

This page is an archive of recent entries in the Database Security category.

Cryptography is the previous category.

E-Mail Security is the next category.

Find recent content on the main index or look in the archives to find all content.