Skip to content

Commit 61fdba7

Browse files
quentinhardyquentinhardy
committed
Merge branch 'master-python3' of https://github.com/quentinhardy/odat into master-python3
2 parents ca8bd80 + b3b4384 commit 61fdba7

File tree

1 file changed

+6
-6
lines changed

1 file changed

+6
-6
lines changed

README.md

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ Usage examples of ODAT:
1616

1717
Tested on Oracle Database __10g__, __11g__, __12c__ and __18c__.
1818

19-
__ODAT linux standalone__ version at [https://github.com/quentinhardy/odat/releases/](https://github.com/quentinhardy/odat/releases/). Notice it is recommended to use the development version (*git clone*).
19+
__ODAT linux standalone__ version at [https://github.com/quentinhardy/odat/releases/](https://github.com/quentinhardy/odat/releases/). Notice it is recommended to use the development version (*git clone*), *master-python3* branch (python 3 version).
2020

2121
Changelog
2222
====
@@ -118,6 +118,7 @@ Thanks to ODAT, you can:
118118
* oradbg
119119
* __download files__ stored on the database server using:
120120
* UTL_FILE
121+
* DBMS_XSLPROCESSOR
121122
* external tables
122123
* CTXSYS
123124
* DBMS_LOB
@@ -127,7 +128,7 @@ Thanks to ODAT, you can:
127128
* DBMS_ADVISOR
128129
* __delete files__ using:
129130
* UTL_FILE
130-
* __gain privileged access__ using these following system privileges combinations (see help for *privesc* module commands): (__NEW__ : 2016/02/21)
131+
* __gain privileged access__ using these following system privileges combinations (see help for *privesc* module commands):
131132
* CREATE ANY PROCEDURE
132133
* CREATE PROCEDURE and EXECUTE ANY PROCEDURE
133134
* CREATE ANY TRIGER (and CREATE PROCEDURE)
@@ -147,12 +148,11 @@ Thanks to ODAT, you can:
147148
* pickup the session key and salt for arbitrary users
148149
* attack by dictionary on sessions
149150
* the [__CVE-2012-????__](https://twitter.com/gokhanatil/status/595853921479991297): A user authenticated can modify all tables who can select even if he can't modify them normally (no ALTER privilege).
150-
* the [__CVE-2012-1675__](http://seclists.org/fulldisclosure/2012/Apr/204) (aka TNS poisoning attack) (__NEW__ : 25/03/2016)
151+
* the [__CVE-2012-1675__](http://seclists.org/fulldisclosure/2012/Apr/204) (aka TNS poisoning attack)
151152
* __search in column names__ thanks to the *search* module:
152153
* search a pattern (ex: password) in column names
153154
* __unwrap__ PL/SQL source code (10g/11g and 12c)
154-
* get __system privileges__ and __roles granted__. It is possible to get privileges and roles of roles granted also (__NEW__ : 21/02/2016)
155-
155+
* get __system privileges__ and __roles granted__. It is possible to get privileges and roles of roles granted also
156156
![Alt text](./pictures/ODAT_main_features_v2.0.jpg)
157157

158158
Supported Platforms and dependencies
@@ -221,7 +221,7 @@ sudo dpkg -i oracle-instantclient19.3-devel_???_???.deb
221221
```bash
222222
export ORACLE_HOME=/usr/lib/oracle/19.3/client64/
223223
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$ORACLE_HOME/lib
224-
export PATH=$ORACLE_HOME/bin:$PATH
224+
export PATH=${ORACLE_HOME}bin:$PATH
225225
```
226226

227227
* Restart your session (to apply env variables)

0 commit comments

Comments
 (0)