Call: +44 (0)7759 277220 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Frank has a great blog entry about web application security"] [Next entry: "Interesting thread on Oracle-l about ftp'ing data into the database"]

A bad way to migrate a database or a good way to retrieve crashed data

I saw Edward Stanglers post titled "" ealier this week on orablogs and made a note of it to take a closer look and I have just realised that I had also made a note about the same Oracle-l thread Ed had found. Ed found it on orafaq but i read the thread in my mail reader as i subscribe to Oracle-l.

The thread probably made Ed sit up because of its apparent foolishness. It made me take notice for another reason. I am always interested in internals and undocumented info as I said yesterday but I am also interested in inventive use of the Oracle software. The thread is certainly inventive! The original poster started a thread called "(NEW) very interesting thing about migrate db from different OS(oracle,not 10G)" - this is URL to the thread index. Basically what he is saying is that he took a Windows 2000 data file and copied it to Linux and then dd'd a Linux datafile header onto it created a control file and the database opened correctly and he was able to query tables. The version was not 10g. A few posters replied that Oracle has been working on this and it is now in 10g, the original poster alluded to this in his insistence of the version of his test being Someone else suggested that there had been other threads elsewhere discussing the same issue and that the reason it will work on some platforms is endian. As Lex pointed out the trick may work on 9i but it is highly unsupported - but interesting all the same.

The original poster then went on to show some examples of copying files and testing some of his theories.

This thread was interesting to me because of the internals and interesting knowledge but also because of an old thread that immediately came to mind from oracle-l when it was over at FatCity. I couldn't remember the thread title or when it was posted but after 30 minutes of googling I managed to find it. The thread was called "Re: Anyone have a copy of DUL ??" and was by Mogens and i remembered it because of the technique Mogens suggested to open a crashed database. This thread discussed the DUL (Data UnLoader) tool that was written by some Dutch guy in Oracle support that can be used to extract data from a completely dead database. Mogens recapped an episode of the first use of DUL to retrieve some technical drawings from a crashed database and then gave an alternative suggestion to get a crashed database open. Here is a quote from this thread that i remembered when i saw the current thread:

"I never tried the other suggestion Andre had (and which he had used many times himself): Create a dummy database that has the same datafiles as the problem database. Then take the file headers from the dummy database and patch on top of the real database. Then you can start up, since the information in the file headers match.

Andre was one cool guy. He's enjoying early retirement, he claims."

He is talking about an Oracle VP called Andre Bakker. Clearly the OP from the current Oracle-l thread was not the first person to try this idea but for different reasons.

Interesting idea, not to be used to migration of databases from one platform to another - well not before 10g but it could be considered as a useful tool to get at crashed data. Also remember that these techniques could be used to get at your data if a hacker were able to simply steal datafiles..:-(, internals and security always come hand in hand!