Call: +44 (0)7759 277220 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Alex has a new paper on Yahoo hacking and Oracle"] [Next entry: "Ed also talked about Tom and direct dictionary editing"]

Alex has a new paper on Yahoo hacking and Oracle

I noticed the other day that Alex has a new paper on his site titled "Yahoo Hacking of Oracle Technologies". This is a paper in a similar vein to the Google hacking paper Alex already has on his white papers page. This paper is described on Alex's site as :-

"Read how easy it is to find Oracle technology on the web with Yahoo. This document contains several Yahoo-Searchstrings for Oracle products like iSQLPlus, Oracle HTTP Server, Forms, Reports, Webconferencing, ..."

This paper is basically a quick reference guide to find relevant search srings that can be used to find vulnerable sites for lots of possible Oracle products and Oracle based URL's such as admin pages, iSQL*Plus ...

As with the previous Google paper this paper is marked as being not static. If you are interested in the search engine hacking trend, have a look at this new paper.