Hi,You may want to check the BBED thread that was posted to the list last week:
http://www.freelists.org/archives/oracle-l/01-2007/msg01163.html Cheers, Phil On 7 Feb 2007, at 11:22, Naqi Mirza wrote:
Thanks Steve, the files will be offline and one of the main purposes of this is to show that data, can be read out of an oracle datafile by a malicious user (sure specifying the count and skip could take some doing by a hacker, but its still possible). Even with vpd and label security the dba (the insider threat) could still get access to this data. This is one of the reasons of pushing the use of TDE at a site - need to check and confirm if this same information is encrypted in the datafiles.Thanks. Naqi ----- Original Message ---- From: Steve Adams <steve.adams@xxxxxxxxxxxx> To: naqimirza@xxxxxxxxx Cc: "Oracle-L @ freelists.org" <oracle-l@xxxxxxxxxxxxx> Sent: Wednesday, 7 February, 2007 2:18:24 PM Subject: Re: Using DD to Read Data from Oracle Datafiles Hi Naqi,The numbers are stored in a coded format. Check the Oracle documentationfor the format, or Google for it on various other web sites.You also need to ensure that you consult the row directory in the blockto find valid row offsets, the ITLs and corresponding undo segments to check for transactional integrity, and so on. Just using strings, even for purely text data, is not reliable. @ Regards, @ Steve Adams @ Oracle-L List Administrator @ http://www.ixora.com.au/ - For DBAs @ http://www.christianity.net.au/ - For all Naqi Mirza @ 7/02/2007 7:15 PM: > Hi, > I am using dd to read data out of oracle datafiles from an oracle 9i > database on solaris. I am using the following command: >> dd if=/location_to_oracle_datafile_and_file_name.DBF bs=8192 skip=11764> count=8 | strings > > I have a table called DEPT, querying dba_extents, I see that its> block_id is 11764. It also have 8 blocks assigned to it. Now using the> above, I get the following output: > > OPERATIONS > BOSTON, > SALES > CHICAGO, > RESEARCH > DALLAS, > ACCOUNTING > NEW YORK >> Whats missing from here is numeric values. Since I am piping the output > to strings , strings will not print out numerics. Does anyone know how i > can use the method above to successfully read an entire table and print> out all its comments. > Thanks. > >> ---------------------------------------------------------------------- --> To help you stay safe and secure online, we've developed the all new > Yahoo! Security Centre> <http://us.rd.yahoo.com/mail/uk/taglines/default/security_centre/ *http://uk.security.yahoo.com/>.What kind of emailer are you? Find out today - get a free analysis of your email personality. Take the quiz at the Yahoo! Mail Championship.