The White Papers presented on this page have been written by Pentest Consultants for various forums, user groups and seminars and for the general security community.
Security ScansIdentifying Oracle Database Installations during a Network Scan
This article discusses some tools and techniques for identifying TNS listeners on the Network.Simple Oracle Security Scanner
Pentest consultants submitted an article for the well known security web site www.securityfocus.com. The paper focused on some of the simple configuration issues that exist in Oracle databases that can cause security holes. The paper also included a simple tool to perform a host based scan of an oracle database.
This tool can be found at http://www.pentest.co.uk/sql/scanner.sql
WirelessWireless Security Assessment and Penetration Testing Tools
An article giving an overview of some of the security issues with wireless technology and some guidance on suitable tools to help with pen testing wireless.Wireless Security Considerations
A more balanced view of some recent stories surrounding wireless networks and the vulnerabilities that they create.Bluetooth dongle modification
A short article on how to modify a standard Bluetooth dongle so that it can connect to an external antenna.
OracleExploiting And Protecting Oracle
This major paper gives an overview of how to hack into Oracle and where the vulnerabilities lie covering all of the main parts of the RDBMS and associated tools pointing out potentially exploitable vulnerabilities. Also discussed briefly are SQL techniques for finding out what is in the database, where it is, how it's structured, how the database is protected, what to read, what permissions you have when you get an account and how to see and interpret the audit trail.Extracting Clear Text Passwords from the SGA
This paper is a posting made to www.securityfocus.com to show how incorrect setting of the Oracle parameter utl_file_dir can be exploited to read clear text passwords from the Oracle SGA.Oracle Default User and Password List
This paper contains a table of default Oracle users, passwords and hashes. This table will be updated with any new default users and passwords as they become available. Pentest invites anyone to contribute with any new default users that are not included at present. Please email Pentest:oracle with any new data.Issues with the initialisation parameter fixed date
This short paper describes the issues that can arise if an Oracle application uses the system date SYSDATE for critical functionality and if it's possible for an attacker to alter the initialisation parameter fixed_date.Have your objects been tampered with ?
Have you ever wanted to check if users are tampering with your Oracle PL/SQL source code stored within the database itself or even added or changed database objects? You can buy third party products to do this for the operating system files but how would you do it for your database objects ?
This article discusses a few ideas on how to make Oracle passwords that bit more secure.
PresentationsCyber Adversary Characterisation
This is a presentation given by Tom Parker at Blackhat 2003 (Las Vegas) on Cyber Adversary Characterisation.Wireless Threats To Corporate Security
This is a presentation given by Matt Moore and Mark Rowe during 2003 at Salford University for ISACA UK Northern Chapter on Wireless Threats To Corporate Security.Bluetooth vulnerabilities, Fact and Fiction
This is a presentation given by Mark Rowe and Tim Hurman at the 2004 Wireless Connectivity (WiCon) World in Amsterdam on the fact and fiction behind publicised Bluetooth vulnerabilities.Bluetooth security, Issues, Threats and Consequences
This is a presentation given by Mark Rowe and Tim Hurman at the 2004 Wireless Broadband Forum in Cambridge on the general security of Bluetooth devices.ARMed combat: The fight for personal security
This is a presentation given by Tim Hurman at the 2006 EuSecWest conference in London. This covers details of creating exploits for ARM/WinCE and the issues surrounding patches and firmware upgrades.
Embedded/ARMExploring Windows CE Shellcode
An article showing the potential for vulnerabilities to affect handheld devices. The article adapts existing techniques to Windows CE on the ARM architecture. Demonstration code with a benign payload is provided.
Pentest offers a thorough, yet adaptive range of security services to help customers address vulnerabilities in their network or applications. Services include: Secure Coding Workshops, SAST tools, Manual Penetration Testing and Security Audits.
Pentest offers a complete Database Security Assessment Service (DSAS) to businesses that rely on the security of the information held within their databases or have concerns relating to the security compliance of these systems.