Hacking Oracle in 5 Minutes

Rahul R
Rahul R
Mar 25, 2018 · 2 min read

So Hey everyone I am back with another write-up this time its Oracle

This is a really short write-up and there wont be much info

So few weeks back I was sitting at home watching TV and looking at my linked in when the Postman came with my Udacity Swag and I saw a post by someone who found a XSS in Oracle so I thought lets find some..

So I didn't have my laptop ( because i was so lazy to go upstairs) but I had termux in my mobile so I ran sublister against oracle.com and landed on a sub domain which had a directory listing that contained some random stuff looking through it I found some sensitive info such as host names, ip address , passwords etc .

Still don’t know what this is


Feb 24 Reported the Issue

Mar 09 Initial Reply

Mar 14 Fix issued

Mar 23 Fixed and HOF approved for Oracle CPU April 17

And I was like

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade