Hi,
You may want to check the BBED thread that was posted to the list last
week:
//www.freelists.org/archives/oracle-l/01-2007/msg01163.html
Cheers,
Phil
On 7 Feb 2007, at 11:22, Naqi Mirza wrote:
Thanks Steve, the files will be offline and one of the main purposes of
this is to show that data, can be read out of an oracle datafile by a
malicious user (sure specifying the count and skip could take some doing by
a hacker, but its still possible). Even with vpd and label security the dba
(the insider threat) could still get access to this data. This is one of the
reasons of pushing the use of TDE at a site - need to check and confirm if
this same information is encrypted in the datafiles.
Thanks.
Naqi
----- Original Message ----
From: Steve Adams <steve.adams@xxxxxxxxxxxx>
To: naqimirza@xxxxxxxxx
Cc: "Oracle-L @ freelists.org" <oracle-l@xxxxxxxxxxxxx>
Sent: Wednesday, 7 February, 2007 2:18:24 PM
Subject: Re: Using DD to Read Data from Oracle Datafiles
Hi Naqi,
The numbers are stored in a coded format. Check the Oracle documentation
for the format, or Google for it on various other web sites.
You also need to ensure that you consult the row directory in the block
to find valid row offsets, the ITLs and corresponding undo segments to
check for transactional integrity, and so on. Just using strings, even
for purely text data, is not reliable.
@ Regards,
@ Steve Adams
@ Oracle-L List Administrator
@ http://www.ixora.com.au/ - For DBAs
@ http://www.christianity.net.au/ - For all
Naqi Mirza @ 7/02/2007 7:15 PM:
> Hi,
> I am using dd to read data out of oracle datafiles from an oracle 9i
> database on solaris. I am using the following command:
>
> dd if=/location_to_oracle_datafile_and_file_name.DBF bs=8192 skip=11764
> count=8 | strings
>
> I have a table called DEPT, querying dba_extents, I see that its
> block_id is 11764. It also have 8 blocks assigned to it. Now using the
> above, I get the following output:
>
> OPERATIONS
> BOSTON,
> SALES
> CHICAGO,
> RESEARCH
> DALLAS,
> ACCOUNTING
> NEW YORK
>
> Whats missing from here is numeric values. Since I am piping the output
> to strings , strings will not print out numerics. Does anyone know how i
> can use the method above to successfully read an entire table and print
> out all its comments.
> Thanks.
>
>
> ------------------------------------------------------------------------
> To help you stay safe and secure online, we've developed the all new
> Yahoo! Security Centre
> <
http://us.rd.yahoo.com/mail/uk/taglines/default/security_centre/*http://uk.security.yahoo.com/
>.
------------------------------
What kind of emailer are you? Find out today - get a free analysis of your
email personality. Take the quiz at the Yahoo! Mail
Championship<http://uk.rd.yahoo.com/mail/uk/taglines/default/championships/quiz/*http://uk.rd.yahoo.com/evt=44106/*http://mail.yahoo.net/uk/>
.
