Oscanner Package Description

Oscanner is an Oracle assessment framework developed in Java. It has a plugin-based architecture and comes with a couple of plugins that currently do:

  • Sid Enumeration
  • Passwords tests (common & dictionary)
  • Enumerate Oracle version
  • Enumerate account roles
  • Enumerate account privileges
  • Enumerate account hashes
  • Enumerate audit information
  • Enumerate password policies
  • Enumerate database links

The results are given in a graphical java tree.

Source: http://www.cqure.net/wp/tools/database/oscanner/
Oscanner Homepage | Kali Oscanner Repo

  • Author: Patrik Karlsson
  • License: GPLv2

Tools included in the oscanner package

oscanner – Oracle assessment framework
root@kali:~# oscanner
    Oracle Scanner 1.0.6 by patrik@cqure.net
    OracleScanner -s <ip> -r <repfile> [options]
        -s  <servername>
        -f  <serverlist>
        -P  <portnr>
        -v  be verbose

oscanner Usage Example

Scan the target server (-s on port 1040 (-P 1040):

root@kali:~# oscanner -s -P 1040
Oracle Scanner 1.0.6 by patrik@cqure.net
[-] Checking host
[x] Failed to enumerate sids from host
[-] Loading services/sids from service file