Wodat – Windows Oracle Database Attack Toolkit

Simple port of the popular Oracle Database Attack Tool (ODAT) (

TEST

Module tests if the given connection string can connect successfully.

wodat.exe TEST -server:XXX.XXX.XXX.XXX -port:1521 -sid:XE -user:peter -pass:pan

DISC

Module will perform discovery against provided CIDR range or file with instances. Note, only instances with valid TNS listeners will be returned. Testing a network range will be much faster as it’s processed in parallel.

wodat.exe DISC

Instances to test must be formatted as per the below example targets.txt:

192.168.10.1
192.168.10.5,1521

ALL

Not implemented yet.

RECON

Not implemented yet.

Setup and Requirements

You can grab automated release build from the GitHub Actions or build yourself using the following commands:

nuget restore wodat.sln
msbuild wodat.sln -t:rebuild -property:Configuration=Release

Some general notes: The Oracle.ManagedDataAccess.dll library will have to be copied with the binary. I’m looking at ways of embedding it.

Todo

• Handle SYSDBA and SYSOPER connections
• Implement outstanding modules
• Various validation, error handling code still needs to be done
• Some minor known bugfixes
• Add options to check against built in lists for SID, ServiceNames or common credentials