Home

Awesome

Quentin HARDY
quentin.hardy@protonmail.com
quentin.hardy@bt.com

ODAT

ODAT (Oracle Database Attacking Tool) is an open source penetration testing tool that tests the security of Oracle Databases remotely.

Usage examples of ODAT:

Tested on Oracle Database 10g, 11g, 12c and 18c.

Compatible with both python 2.7 (master branch) and python 3 (master-python3 branch).

ODAT linux standalone version at https://github.com/quentinhardy/odat/releases/. Notice it is recommended to use the development version (git clone), with the master-python3 branch.

Changelog

Features

Thanks to ODAT, you can:

Alt text

Supported Platforms and dependencies

ODAT is compatible with Linux only.

Standalone versions exist in order to don't have need to install dependencies and slqplus (see https://github.com/quentinhardy/odat/releases/). The ODAT standalone has been generated thanks to pyinstaller.

If you want to have the development version installed on your computer, these following tools and dependencies are needed:

Installation (optional, for development version)

This part describes how to install instantclient, CX_Oracle and some others python libraries on Ubuntu in order to have the ODAT development version. Don't forget that an ODAT standalone version exists at https://github.com/quentinhardy/odat/releases/: It is not required to install something for use the standalone version

git clone https://github.com/quentinhardy/odat.git
cd odat/
git submodule init
git submodule update
sudo apt-get install libaio1 python-dev alien python-pip
sudo alien --to-deb oracle-instantclient19.3-basic-???.x???.rpm
sudo alien --to-deb oracle-instantclient19.3-devel-???.x???.rpm
sudo dpkg -i oracle-instantclient19.3-basic-???.x???.deb
sudo dpkg -i oracle-instantclient19.3-devel_???_???.deb
export ORACLE_HOME=/usr/lib/oracle/19.3/client64/
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$ORACLE_HOME/lib
export PATH=$ORACLE_HOME/bin:$PATH
/usr/lib/oracle/19.3/client64/lib/
sudo ldconfig
sudo -s
source /etc/profile
pip install cx_Oracle
python -c 'import cx_Oracle' 

This command should just return without errors.

sudo apt-get install python-scapy
sudo pip install colorlog termcolor pycrypto passlib
sudo pip install argcomplete && sudo activate-global-python-argcomplete
python setup.py install
./odat.py -h

Good job if you have not errors:)

Docs and examples

Docs and examples are on the WIKI

Donation

If you want to support my work doing a donation, I will appreciate a lot: