The Oracle Attack Module in metasploit is incomplete by default. You need to do some work on your own. This article mainly records some errors in the setup environment (operating system backtrack 5 ). By default, some attack functions of Oracle may encounter the following error: ary module execution completed
- MSF>Use auxiliary/admin/Oracle/oracle_login
- MSF auxiliary (oracle_login)>Set rHost 192.168.0.91
- RHost =>192.168.0.91
- MSF auxiliary (oracle_login)>Run
- [-] Failed to load the OCI Library: no such file to load -- oci8
- [-] See http://www.metasploit.com/redmine/projects/framework/wiki/OracleUsage for installation instructions
- [*] Auxiliary module execution completed
|
Install Oracle instant clinet download basic, sqlplus, and SDK: http://www.oracle.com/technetwork/database/features/instant-client/index-097480.html, unzip the three packages to the same directory and create a libclntsh. So-> libclntsh. so.11.1 link.
- >Unzip/opt/Oracle/instantclient-basic-linux32-11.2.0.2.0.zip.
- >Unzip/opt/Oracle/instantclient-sqlplus-linux32-11.2.0.2.0.zip.
- >Unzip/opt/Oracle/instantclient-sdk-linux32-11.2.0.2.0.zip.
- >Ln-s libclntsh. so.11.1 libclntsh. So
|
The contents in the directory are roughly as follows:
- Root @ BT:/opt/Oracle/instantclient_11_2 # ls
- Adrci libclntsh. So libociei. So ojdbc5.jar sqlplus_readme
- Basic_readme libclntsh. so.11.1 libocijdbc11.so ojdbc6.jar uidrvci
- Genezi libnnz11.so libsqlplusic. So SDK xstreams. Jar
- Glogin. SQL libocci. so.11.1 libsqlplus. So sqlplus
|
Then execute VI ~ /. Bashrc Add the following environment variables at the end of the file:
- Export Path = $ path:/opt/Oracle/instantclient_11_2
- Export sqlpath =/opt/Oracle/instantclient_11_2
- Export tns_admin =/opt/Oracle/instantclient_11_2
- Export LD_LIBRARY_PATH =/opt/Oracle/instantclient_11_2
- Export ORACLE_HOME =/opt/Oracle/instantclient_11_2
|
Check whether the Oracle Instant Client is successfully installed.
- Root @ BT :~ # Sqlplus Scott/tiger @ // 192.168.0.91/orcl
- SQL * Plus: Release 11.2.0.2.0 production on Fri Sep 23 04:39:08 2011
- Copyright (c) 1982,201 0, Oracle. All rights reserved.
- Connected:
- Oracle Database 10g Enterprise Edition Release 10.1.0.2.0-Production
- With the partitioning, OLAP and Data Mining options
- SQL>
|
Download oci8 installation link: http://ruby-oci8.rubyforge.org/en/, decompress the file, and run make and make install. Before running these two commands, use the Env command to check whether the environment variables set earlier have taken effect. If the environment variables have not taken effect, the preceding sqlplus cannot run, restart the computer. For more information, see http://dev.metasploit.com/redmine/projects/1/wiki/oracleusage. After the installation is complete, verify that oci8 is successfully installed. The following problems occur in the version I used.
- Root @ BT :~ # IRB
- IRB (main): 001: 0>Require 'ci8'
- Loaderror: no such file to load -- oci8lib_191
- From/usr/local/lib/site_ruby/1.9.2/oci8.rb: 40: In 'require'
- From/usr/local/lib/site_ruby/1.9.2/oci8.rb: 40: in'<Top(Required)>'
- From (IRB): 1: In 'require'
- From (IRB): 1
- From/usr/bin/IRB: 12: In'<Main>'
|
Because my ruby version is 1.9.2 and the oci8lib_192 file is generated during installation, you need to change the oci8.rb file.
| Root @ BT:/usr/local/lib/site_ruby/1.9.2 # vi oci8.rb |
Add one more when to use the oci8lib_192 library.
- # The suffix number indicates the ruby API version.
- #18-Ruby 1.8.x
- #191-Ruby 1.9.1 and 1.9.2
- # 19x-Ruby 1.9.x future version which will break the API compatibility
- CaseRuby_version
- When/^ 1 \. 9 \. 1/
- So_basename + = '000000'
- When/^ 1 \. 9 \. 2/
- So_basename + = '000000'
- When/^ 1 \. 8/
- So_basename + = '18'
- Else
- Raise'Unsupported Ruby version: '+ ruby_version
- End
- Require so_basename
|
Now let's confirm that the following similar information appears.
- IRB (main): 002: 0>Require 'ci8'
- Warning: nls_lang is not set. fallback to US-ASCII.
- =>True
|
On backtrack5 R1, MSF still appears
- [-] Failed to load the OCI Library: no such file to load -- oci8
|
This is because the metasploit environment variable does not contain the installed oci8. You can run the following command in metasploit to confirm
- MSF auxiliary (oracle_login)>Ruby-r rbconfig-e "puts config: config ['sitelibdir']"
- [*] Exec: Ruby-r rbconfig-e "puts config: config ['sitelibdir']"
- /Opt/framework/Ruby/lib/Ruby/site_ruby/1.9.1
|
- MSF auxiliary (oracle_login)>Env | grep rubylib
- [*] Exec: ENV | grep rubylib
- Rubylib =/opt/framework/Ruby/lib:/opt/framework/Ruby/lib/RUBY:/opt/framework/Ruby/lib/Ruby/1.9.1: /opt/framework/Ruby/lib/Ruby/1.9.1/i686-linux:/opt/framework/Ruby/lib/Ruby/site_ruby: /opt/framework/Ruby/lib/Ruby/site_ruby/1.9.1:/opt/framework/Ruby/lib/Ruby/site_ruby/1.9.1/i686-linux
|
Add the directory of your installed oci8 to the rublib of/opt/framework3/scripts/setenv. Sh.
| :/Usr/local/lib/site_ruby/1.9.2:/usr/local/lib/site_ruby/1.9.2/i486-linux |
Restart msfconsole
- MSF>Use auxiliary/admin/Oracle/oracle_login
- MSF auxiliary (oracle_login)>Set rHost 192.168.0.91
- RHost =>192.168.0.91
- MSF auxiliary (oracle_login)>Run
- [*] Starting brute force on 192.168.0.91: 1521...
- [*] Found user/pass of: Scott/tiger on 192.168.0.91 with Sid orcl
- [*] Auxiliary module execution completed
|
