Final touchup on Oracle login scanner -- adds a pile of defaults from the existing CSV wordlist.
git-svn-id: file:///home/svn/framework3/trunk@11967 4d416f70-5f16-0410-b530-b9f4589650da
This commit is contained in:
parent
292f357f7a
commit
5e715c22db
|
@ -0,0 +1,568 @@
|
|||
brio_admin brio_admin
|
||||
brugernavn adgangskode
|
||||
brukernavn password
|
||||
bsc bsc
|
||||
bug_reports bug_reports
|
||||
calvin hobbes
|
||||
catalog catalog
|
||||
cct cct
|
||||
cdemo82 cdemo82
|
||||
cdemo82 cdemo83
|
||||
cdemo82 unknown
|
||||
cdemocor cdemocor
|
||||
cdemorid cdemorid
|
||||
cdemoucb cdemoucb
|
||||
cdouglas cdouglas
|
||||
ce ce
|
||||
centra centra
|
||||
central central
|
||||
cids cids
|
||||
cis cis
|
||||
cis zwerg
|
||||
cisinfo cisinfo
|
||||
cisinfo zwerg
|
||||
clark cloth
|
||||
cn cn
|
||||
company company
|
||||
compiere compiere
|
||||
cqschemauser password
|
||||
cquserdbuser password
|
||||
crp crp
|
||||
cs cs
|
||||
csc csc
|
||||
csd csd
|
||||
cse cse
|
||||
csf csf
|
||||
csi csi
|
||||
csl csl
|
||||
csmig csmig
|
||||
csp csp
|
||||
csr csr
|
||||
css css
|
||||
ctxdemo ctxdemo
|
||||
ctxsys change_on_install
|
||||
ctxsys ctxsys
|
||||
ctxsys unknown
|
||||
cua cua
|
||||
cue cue
|
||||
cuf cuf
|
||||
cug cug
|
||||
cui cui
|
||||
cun cun
|
||||
cup cup
|
||||
cus cus
|
||||
cz cz
|
||||
dbi mumblefratz
|
||||
hr change_on_install
|
||||
hr hr
|
||||
hri hri
|
||||
hvst hvst
|
||||
hxc hxc
|
||||
hxt hxt
|
||||
iba iba
|
||||
ibe ibe
|
||||
ibp ibp
|
||||
ibu ibu
|
||||
iby iby
|
||||
icdbown icdbown
|
||||
icx icx
|
||||
idemo_user idemo_user
|
||||
ieb ieb
|
||||
iec iec
|
||||
iem iem
|
||||
ieo ieo
|
||||
ies ies
|
||||
ieu ieu
|
||||
iex iex
|
||||
ifssys ifssys
|
||||
igc igc
|
||||
igf igf
|
||||
igi igi
|
||||
igs igs
|
||||
igw igw
|
||||
imageuser imageuser
|
||||
imc imc
|
||||
imedia imedia
|
||||
imt imt
|
||||
#internal oracle
|
||||
#internal sys_stnt
|
||||
internal oracle
|
||||
internal sys_stnt
|
||||
inv inv
|
||||
ipa ipa
|
||||
ipd ipd
|
||||
iplanet iplanet
|
||||
isc isc
|
||||
itg itg
|
||||
ja ja
|
||||
jake passwo4
|
||||
je je
|
||||
jg jg
|
||||
jill passwo2
|
||||
jl jl
|
||||
jmuser jmuser
|
||||
john john
|
||||
jones steel
|
||||
jtf jtf
|
||||
jtm jtm
|
||||
jts jts
|
||||
jward airoplane
|
||||
kwalker kwalker
|
||||
l2ldemo l2ldemo
|
||||
lbacsys lbacsys
|
||||
librarian shelves
|
||||
manprod manprod
|
||||
mark passwo3
|
||||
mascarm manager
|
||||
master password
|
||||
mddata mddata
|
||||
mddemo mddemo
|
||||
mddemo_clerk clerk
|
||||
mddemo_clerk mgr
|
||||
mddemo_mgr mddemo_mgr
|
||||
mdsys mdsys
|
||||
me me
|
||||
mfg mfg
|
||||
mgr mgr
|
||||
mgwuser mgwuser
|
||||
migrate migrate
|
||||
miller miller
|
||||
mmo2 mmo2
|
||||
mmo2 mmo3
|
||||
mmo2 unknown
|
||||
modtest yes
|
||||
moreau moreau
|
||||
mrp mrp
|
||||
msc msc
|
||||
msd msd
|
||||
mso mso
|
||||
msr msr
|
||||
mts_user mts_password
|
||||
mtssys mtssys
|
||||
mwa mwa
|
||||
mxagent mxagent
|
||||
names names
|
||||
neotix_sys neotix_sys
|
||||
nneul nneulpass
|
||||
nom_utilisateur mot_de_passe
|
||||
nomeutente password
|
||||
nome_utilizador senha
|
||||
nume_utilizator parol
|
||||
oas_public oas_public
|
||||
ocitest ocitest
|
||||
ocm_db_admin ocm_db_admin
|
||||
odm odm
|
||||
odm_mtr mtrpw
|
||||
ods ods
|
||||
ods_server ods_server
|
||||
odscommon odscommon
|
||||
oe change_on_install
|
||||
oe unknown
|
||||
oe oe
|
||||
oemadm oemadm
|
||||
oemrep oemrep
|
||||
okb okb
|
||||
okc okc
|
||||
oke oke
|
||||
oki oki
|
||||
oko oko
|
||||
okr okr
|
||||
oks oks
|
||||
okx okx
|
||||
olapdba olapdba
|
||||
olapsvr instance
|
||||
olapsvr olapsvr
|
||||
olapsys manager
|
||||
olapsys olapsys
|
||||
omwb_emulation oracle
|
||||
ont ont
|
||||
oo oo
|
||||
openspirit openspirit
|
||||
opi opi
|
||||
oracache oracache
|
||||
oracle oracle
|
||||
oradba oradbapass
|
||||
oraprobe oraprobe
|
||||
oraregsys oraregsys
|
||||
orasso orasso
|
||||
orasso_ds orasso_ds
|
||||
orasso_pa orasso_pa
|
||||
orasso_ps orasso_ps
|
||||
orasso_public orasso_public
|
||||
orastat orastat
|
||||
orcladmin welcome
|
||||
ordcommon ordcommon
|
||||
data_schema laskjdf098ksdaf09
|
||||
dbsnmp dbsnmp
|
||||
dbvision dbvision
|
||||
ddic 199220706
|
||||
demo demo
|
||||
demo8 demo8
|
||||
demo9 demo9
|
||||
des des
|
||||
des2k des2k
|
||||
dev2000_demos dev2000_demos
|
||||
diane passwo1
|
||||
dip dip
|
||||
discoverer_admin discoverer_admin
|
||||
dmsys dmsys
|
||||
dpf dpfpass
|
||||
dsgateway dsgateway
|
||||
dssys dssys
|
||||
dtsp dtsp
|
||||
eaa eaa
|
||||
eam eam
|
||||
earlywatch support
|
||||
east east
|
||||
ec ec
|
||||
ecx ecx
|
||||
ejb ejb
|
||||
ejsadmin ejsadmin
|
||||
ejsadmin ejsadmin_password
|
||||
emp emp
|
||||
eng eng
|
||||
eni eni
|
||||
estoreuser estore
|
||||
event event
|
||||
evm evm
|
||||
example example
|
||||
exfsys exfsys
|
||||
extdemo extdemo
|
||||
extdemo2 extdemo2
|
||||
fa fa
|
||||
fem fem
|
||||
fii fii
|
||||
finance finance
|
||||
finprod finprod
|
||||
flm flm
|
||||
fnd fnd
|
||||
foo bar
|
||||
fpt fpt
|
||||
frm frm
|
||||
frosty snowman
|
||||
fte fte
|
||||
fv fv
|
||||
gl gl
|
||||
gma gma
|
||||
gmd gmd
|
||||
gme gme
|
||||
gmf gmf
|
||||
gmi gmi
|
||||
gml gml
|
||||
gmp gmp
|
||||
gms gms
|
||||
gpfd gpfd
|
||||
gpld gpld
|
||||
gr gr
|
||||
hades hades
|
||||
hcpark hcpark
|
||||
hlw hlw
|
||||
hr unknown
|
||||
abm abm
|
||||
adams wood
|
||||
adldemo adldemo
|
||||
admin jetspeed
|
||||
admin welcome
|
||||
administrator admin
|
||||
administrator administrator
|
||||
ahl ahl
|
||||
ahm ahm
|
||||
ak ak
|
||||
alhro xxx
|
||||
alhrw xxx
|
||||
alr alr
|
||||
ams ams
|
||||
amv amv
|
||||
andy swordfish
|
||||
anonymous anonymous
|
||||
ap ap
|
||||
applmgr applmgr
|
||||
applsys applsys
|
||||
applsys apps
|
||||
applsys fnd
|
||||
applsyspub applsyspub
|
||||
applsyspub pub
|
||||
applsyspub fndpub
|
||||
applysyspub fndpub
|
||||
applysyspub pub
|
||||
apps apps
|
||||
apps_mrc apps
|
||||
appuser apppassword
|
||||
aq aq
|
||||
aqdemo aqdemo
|
||||
aqjava aqjava
|
||||
aquser aquser
|
||||
ar ar
|
||||
asf asf
|
||||
asg asg
|
||||
asl asl
|
||||
aso aso
|
||||
asp asp
|
||||
ast ast
|
||||
atm sampleatm
|
||||
audiouser audiouser
|
||||
aurora$jis$utility$ invalid
|
||||
aurora$orb$unauthenticated invalid
|
||||
ax ax
|
||||
az az
|
||||
bc4j bc4j
|
||||
ben ben
|
||||
bic bic
|
||||
bil bil
|
||||
bim bim
|
||||
bis bis
|
||||
biv biv
|
||||
bix bix
|
||||
blake paper
|
||||
blewis blewis
|
||||
bom bom
|
||||
sysman sysman
|
||||
system change_on_install
|
||||
system d_syspw
|
||||
system manager
|
||||
system oracle
|
||||
system systempass
|
||||
system system
|
||||
system manag3r
|
||||
system oracl3
|
||||
system 0racle
|
||||
system 0racl3
|
||||
system oracle8
|
||||
system oracle9
|
||||
system oracle9i
|
||||
system 0racle9i
|
||||
system 0racl39i
|
||||
tahiti tahiti
|
||||
talbot mt6ch5
|
||||
tdos_icsap tdos_icsap
|
||||
tec tectec
|
||||
test passwd
|
||||
test test
|
||||
test_user test_user
|
||||
testpilot testpilot
|
||||
thinsample thinsamplepw
|
||||
tibco tibco
|
||||
tip37 tip37
|
||||
tracesvr trace
|
||||
travel travel
|
||||
tsdev tsdev
|
||||
tsuser tsuser
|
||||
turbine turbine
|
||||
ultimate ultimate
|
||||
um_admin um_admin
|
||||
um_client um_client
|
||||
user user
|
||||
user_name password
|
||||
user0 user0
|
||||
user1 user1
|
||||
user2 user2
|
||||
user3 user3
|
||||
user4 user4
|
||||
user5 user5
|
||||
user6 user6
|
||||
user7 user7
|
||||
user8 user8
|
||||
user9 user9
|
||||
utility utility
|
||||
usuario clave
|
||||
utlbstatu utlestat
|
||||
vea vea
|
||||
veh veh
|
||||
vertex_login vertex_login
|
||||
videouser videouser
|
||||
vif_developer vif_dev_pwd
|
||||
viruser viruser
|
||||
vpd_admin akf7d98s2
|
||||
vrr1 vrr1
|
||||
vrr1 vrr2
|
||||
vrr1 unknown
|
||||
webcal01 webcal01
|
||||
webdb webdb
|
||||
webread webread
|
||||
websys manager
|
||||
webuser your_pass
|
||||
west west
|
||||
wfadmin wfadmin
|
||||
wh wh
|
||||
wip wip
|
||||
wkadmin wkadmin
|
||||
wkproxy wkproxy
|
||||
wkproxy change_on_install
|
||||
wksys change_on_install
|
||||
wkproxy unknown
|
||||
wksys wksys
|
||||
wkuser wkuser
|
||||
wk_test wk_test
|
||||
wms wms
|
||||
wmsys wmsys
|
||||
wob wob
|
||||
wps wps
|
||||
wsh wsh
|
||||
wsm wsm
|
||||
www www
|
||||
wwwuser wwwuser
|
||||
xademo xademo
|
||||
xdb change_on_install
|
||||
xdp xdp
|
||||
xla xla
|
||||
xnc xnc
|
||||
xni xni
|
||||
xnm xnm
|
||||
xnp xnp
|
||||
xns xns
|
||||
xprt xprt
|
||||
xtr xtr
|
||||
mddemo_mgr mgr
|
||||
system d_systpw
|
||||
system oracle8i
|
||||
system 0racle8
|
||||
system 0racle9
|
||||
system 0racle8i
|
||||
system 0racl38
|
||||
system 0racl39
|
||||
system 0racl38i
|
||||
sys 0racle8
|
||||
sys 0racle9
|
||||
sys 0racle8i
|
||||
sys 0racl38
|
||||
sys 0racl39
|
||||
sys 0racl38i
|
||||
ordplugins ordplugins
|
||||
ordsys ordsys
|
||||
ose$http$admin invalid password
|
||||
ose$http$admin invalid
|
||||
osm osm
|
||||
osp22 osp22
|
||||
ota ota
|
||||
outln outln
|
||||
owa owa
|
||||
owa_public owa_public
|
||||
owf_mgr owf_mgr
|
||||
owner owner
|
||||
ozf ozf
|
||||
ozp ozp
|
||||
ozs ozs
|
||||
pa pa
|
||||
panama panama
|
||||
patrol patrol
|
||||
paul paul
|
||||
perfstat perfstat
|
||||
perstat perstat
|
||||
pjm pjm
|
||||
planning planning
|
||||
plex plex
|
||||
plsql supersecret
|
||||
pm change_on_install
|
||||
pm unknown
|
||||
pm pm
|
||||
pmi pmi
|
||||
pn pn
|
||||
po po
|
||||
po7 po7
|
||||
po8 po8
|
||||
poa poa
|
||||
pom pom
|
||||
portal_demo portal_demo
|
||||
portal_sso_ps portal_sso_ps
|
||||
portal30 portal30
|
||||
portal30 portal31
|
||||
portal30_admin portal30_admin
|
||||
portal30_demo portal30_demo
|
||||
portal30_ps portal30_ps
|
||||
portal30_public portal30_public
|
||||
portal30_sso portal30_sso
|
||||
portal30_sso_admin portal30_sso_admin
|
||||
portal30_sso_ps portal30_sso_ps
|
||||
portal30_sso_public portal30_sso_public
|
||||
pos pos
|
||||
powercartuser powercartuser
|
||||
primary primary
|
||||
psa psa
|
||||
psb psb
|
||||
psp psp
|
||||
pubsub pubsub
|
||||
pubsub1 pubsub1
|
||||
pv pv
|
||||
qa qa
|
||||
qdba qdba
|
||||
qp qp
|
||||
qs change_on_install
|
||||
qs qs
|
||||
qs unknown
|
||||
qs_adm change_on_install
|
||||
qs_adm qs_adm
|
||||
qs_adm unknown
|
||||
qs_cb change_on_install
|
||||
qs_cb qs_cb
|
||||
qs_cb unknown
|
||||
qs_cbadm change_on_install
|
||||
qs_cbadm qs_cbadm
|
||||
qs_cbadm unknown
|
||||
qs_cs change_on_install
|
||||
qs_cs qs_cs
|
||||
qs_cs unknown
|
||||
qs_es change_on_install
|
||||
qs_es qs_es
|
||||
qs_es unknown
|
||||
qs_os change_on_install
|
||||
qs_os qs_os
|
||||
qs_os unknown
|
||||
qs_ws change_on_install
|
||||
qs_ws qs_ws
|
||||
qs_ws unknown
|
||||
re re
|
||||
rep_manager demo
|
||||
rep_owner demo
|
||||
rep_owner rep_owner
|
||||
rep_user demo
|
||||
repadmin repadmin
|
||||
reports_user oem_temp
|
||||
reports reports
|
||||
rg rg
|
||||
rhx rhx
|
||||
rla rla
|
||||
rlm rlm
|
||||
rmail rmail
|
||||
rman rman
|
||||
rrs rrs
|
||||
sample sample
|
||||
sap sapr3
|
||||
sap 06071992
|
||||
sapr3 sap
|
||||
scott tiger
|
||||
scott tigger
|
||||
sdos_icsap sdos_icsap
|
||||
secdemo secdemo
|
||||
serviceconsumer1 serviceconsumer1
|
||||
sh change_on_install
|
||||
sh sh
|
||||
sh unknown
|
||||
siteminder siteminder
|
||||
si_informtn_schema si_informtn_schema
|
||||
slide slidepw
|
||||
spierson spierson
|
||||
ssp ssp
|
||||
starter starter
|
||||
strat_user strat_passwd
|
||||
swpro swpro
|
||||
swuser swuser
|
||||
sympa sympa
|
||||
sys change_on_install
|
||||
sys d_syspw
|
||||
sys manager
|
||||
sys oracle
|
||||
sys sys
|
||||
sys syspass
|
||||
sys manag3r
|
||||
sys oracl3
|
||||
sys 0racle
|
||||
sys 0racl3
|
||||
sys oracle8
|
||||
sys oracle9
|
||||
sys oracle8i
|
||||
sys oracle9i
|
||||
sys 0racle9i
|
||||
sys 0racl39i
|
||||
sysadm sysadm
|
||||
sysadmin sysadmin
|
||||
sysman oem_temp
|
|
@ -39,20 +39,21 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
register_options(
|
||||
[
|
||||
OptPath.new('USERPASS_FILE', [ false, "File containing (space-seperated) users and passwords, one pair per line",
|
||||
File.join(Msf::Config.install_root, "data", "wordlists", "oracle_default_userpass.txt") ]),
|
||||
OptString.new('SID', [ true, 'The instance (SID) to authenticate against', 'XE'])
|
||||
], self.class)
|
||||
|
||||
deregister_options("USERPASS_FILE")
|
||||
|
||||
end
|
||||
|
||||
def run
|
||||
print_status "Nmap: Setting up credential file..."
|
||||
credfile = create_credfile
|
||||
each_user_pass(true) {|user, pass| credfile[0].puts "%s/%s" % [user,pass] }
|
||||
cred_count = 0
|
||||
each_user_pass(true) {|user, pass| credfile[0].puts "%s/%s" % [user,pass]; cred_count += 1 }
|
||||
credfile[0].flush
|
||||
nmap_build_args(credfile[1])
|
||||
print_status "Nmap: Starting Oracle bruteforce..."
|
||||
print_status "Nmap: Starting Oracle bruteforce with #{cred_count} credentials against SID '#{sid}'..."
|
||||
nmap_run
|
||||
credfile[0].unlink
|
||||
nmap_hosts {|host| process_host(host)}
|
||||
|
|
Loading…
Reference in New Issue