Land rapid7#5251, @hmoore-r7's second opportunity to Oracle connect

SYSTEM shouldn't have SYSDBA privileges by default anymore

Author: jvazquez-r7

lib/msf/core/exploit/oracle.rb

@@ -52,26 +52,38 @@ def check_dependencies
   end
 
   def connect
+    handle = nil
+
     if(not @oci8_loaded)
       raise RuntimeError, "Could not load the Oracle driver (oci8): #{@oci8_error}"
     end
 
     # Create a Connection to the Database
     if datastore['DBUSER'] == 'SYS' || datastore['DBUSER'] == 'SYSTEM'
-      handle = OCI8.new(
-        datastore['DBUSER'],
-        datastore['DBPASS'],
-        "//#{datastore['RHOST']}:#{datastore['RPORT']}/#{datastore['SID']}",
-        :SYSDBA
-      )
+      begin
+        handle = OCI8.new(
+          datastore['DBUSER'],
+          datastore['DBPASS'],
+          "//#{datastore['RHOST']}:#{datastore['RPORT']}/#{datastore['SID']}",
+          :SYSDBA
+        )
+      rescue ::OCIError
+        # Try again without a request for SYSDBA
+        vprint_status('Insufficient privileges, trying without SYSDBA')
+        handle = OCI8.new(
+          datastore['DBUSER'],
+          datastore['DBPASS'],
+          "//#{datastore['RHOST']}:#{datastore['RPORT']}/#{datastore['SID']}"
+        )
+      end
     else
       handle = OCI8.new(
         datastore['DBUSER'],
         datastore['DBPASS'],
         "//#{datastore['RHOST']}:#{datastore['RPORT']}/#{datastore['SID']}"
       )
     end
-
+    handle
   end
 
   def disconnect