In front, you Xia introduced some knowledge about database vulnerability scanning and launched an "Authorization scan" for Oracle databases. Now we perform a "weak password scan ", because weak passwords are almost the biggest threat to databases, we listed "weak password scanning" in database vulnerability scanning ". The target of this project is still the Oracle database.
As mentioned in the previous article, right-click the task and choose weak password scan"
The database vulnerability scan will list the database server addresses contained in the task and fill in the database logon information. Here, the user name is sys and the connection identity is sysdba.
Next, we will perform the weak password scan configuration. The default dictionary I selected contains tens of thousands of common weak passwords. Of course, you can also Scan Based on the rules or make a poor effort.
After confirmation, the weak password of the Oracle database is automatically attempted, and the real-time scan status is displayed:
After scanning, We will list the weak password scanning overview of the database. We can see 25 weak password users.
Export the weak password scan report:
Lists user names, passwords, user statuses, attack methods, and levels.
The database vulnerability scanning system can be used to Easily Evaluate the strong passwords of common databases. It is suitable for routine database security assessment, classified protection assessment, and other occasions.
This "database vulnerability scan" topic contains 6 articles,:
- Evaluate database security by using database vulnerability scan 1 Overview
- Evaluate database security by using database vulnerability scan 2 create a scan task
- Use Database vulnerability scan to evaluate database security 3 Authorization Scan
- Evaluate database security by using database vulnerability scan 4 weak password Scan
- Evaluate database security using database vulnerability scan 5 unauthorized scanning
- Evaluate database security with database vulnerability scan 6 penetration attacks
Author: Source of reprinted by Zhang baichuan (Web Ranger) www.youxia.org! Thank you.