Home page logo
/
Zenmap screenshot
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
Example Nmap output

File oracle-enum-users

Script types: portrule
Categories: intrusive, auth
Download: http://nmap.org/svn/scripts/oracle-enum-users.nse

User Summary

Attempts to enumerate valid Oracle user names against unpatched Oracle 11g servers (this bug was fixed in Oracle's October 2009 Critical Patch Update).

Script Arguments

oracle-enum-users.sid

the instance against which to attempt user enumeration

passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb

See the documentation for the unpwdb library.

Example Usage

nmap --script oracle-enum-users --script-args oracle-enum-users.sid=ORCL,userdb=orausers.txt -p 1521-1560 <host>

If no userdb is supplied the default userlist is used

Script Output

PORT     STATE SERVICE REASON
1521/tcp open  oracle  syn-ack
| oracle-enum-users:
|   haxxor is a valid user account
|   noob is a valid user account
|_  patrik is a valid user account

Requires


Author: Patrik Karlsson

License: Same as Nmap--See http://nmap.org/book/man-legal.html

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]