This is a java script I wrote a while back, that will allow the user to run an Oracle query with spoofed session values for Program, OS User and Machine Name. These values are stored in the V$Session view in Oracle, while these values (and others) can be easily set ... they are still utilized in many cases as part of authentication. This script can help audit additional control points on any systems that use all or some of these values as part of authentication.
This file can be found on the wiki here.
Wednesday, April 22, 2009
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment