We all know that the remote Oracle tnslsnr server is generally not configured with the relevant password. If an attacker finds this risk, to disable the Oracle tnslsnr server or set a new password, which will affect the normal use of legal users.
Attackers can also obtain detailed information about the database to launch further attacks. In combination with other vulnerabilities, attackers can even create or modify files on the target system to intrude into the system.
Switch to the Oracle administrator and execute the following commands
- $Oracle_HOME/bin/lsnrctl
- LSNRCTL> change_password
Old password: <original password> <-- if no password is set, press Enter. Otherwise, enter the original password.
New password: <New password>
Reenter new password: <new password>
- Connecting to (ADDRESS=(PROTOCOL=ipc)(KEY=XXX))
- Password changed for LISTENER
- The command completed successfully
- LSNRCTL> set password
Password: <enter a new Password>
- LSNRCTL> save_config (this step is important. Save the current settings)
- Copy [nsfocus aurora]
The above content is a description of Oracle tnslsnr without a password. I hope it will help you in this regard.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
