p.s. in future for questions like this "if 1) they are all sys dbs"
there is a switch called: --exclude-sysdbs which will filter out all
system database names from --dbs output

kr

On Wed, May 25, 2011 at 12:23 PM, Miroslav Stampar
<miroslav.stam...@gmail.com> wrote:
> hi Chris.
>
> Oracle has a rather different "concept" for databases (from dumping
> point of view).
>
> data is stored into "schemas" which are the same thing as "users", and
> each user has it's tables under the same named schema.
>
> that means that your best best would be to use the:
>
> --tables -D IFSSYS             <--- current user name
> and then dump tables from there on
>
> also, be sure that you are using the latest revision from our repository
>
> kr
>
> On Wed, May 25, 2011 at 12:16 PM, Chris Oakley
> <christopher.oak...@gmail.com> wrote:
>> Hi All
>>
>> Not a sqlmap question as such, but maybe someone can help.  I've found an
>> sqli flaw in a test that has resulted in the following:
>>
>> ---
>> banner:    'Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 -
>> 64bi'
>> current user is DBA:    'False'
>> current user:    'IFSSYS'
>>
>> available databases [4]:
>> [*] CTXSYS
>> [*] IFSSYS
>> [*] SYS
>> [*] SYSTEM
>> ---
>>
>> These all seem to be system databases.  I don't know enough about Oracle to
>> know if 1) they are all sys dbs 2) if there's anywhere I can go from here.
>> The content of these databases seems to be all related to privs and such
>> within Oracle.  What I'm looking for is the web app data.  Does anyone more
>> familiar with Oracle know why it would only be systems databases accessible
>> through the sqli flaw?
>>
>> We can try other tactics later but I was just wondering if this is normal
>> from a data extraction point of view with Oracle.  I've dumped a fair amount
>> of the data and there's none systems related so far...
>>
>> Cheers
>>
>> Chris
>>
>>
>>
>> ------------------------------------------------------------------------------
>> vRanger cuts backup time in half-while increasing security.
>> With the market-leading solution for virtual backup and recovery,
>> you get blazing-fast, flexible, and affordable data protection.
>> Download your free trial now.
>> http://p.sf.net/sfu/quest-d2dcopy1
>> _______________________________________________
>> sqlmap-users mailing list
>> sqlmap-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>
>>
>
>
>
> --
> Miroslav Stampar
>
> E-mail: miroslav.stampar (at) gmail.com
> PGP Key ID: 0xB5397B1B
>



-- 
Miroslav Stampar

E-mail: miroslav.stampar (at) gmail.com
PGP Key ID: 0xB5397B1B

------------------------------------------------------------------------------
vRanger cuts backup time in half-while increasing security.
With the market-leading solution for virtual backup and recovery, 
you get blazing-fast, flexible, and affordable data protection.
Download your free trial now. 
http://p.sf.net/sfu/quest-d2dcopy1
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users

Reply via email to