漏洞描述
Detected exposure of the sqlnet.log file in Oracle E-Business Suite (EBS), which often contained sensitive information such as database connection details, TNS entries, usernames, and error logs.
oracle-ebs-sqllog-exposure: Oracle EBS SQL Log - Exposure
PoC代码[已公开]
id: oracle-ebs-sqllog-exposure
info:
name: Oracle EBS SQL Log - Exposure
author: theamanrawat
severity: medium
description: |
Detected exposure of the sqlnet.log file in Oracle E-Business Suite (EBS), which often contained sensitive information such as database connection details, TNS entries, usernames, and error logs.
reference:
- https://the-infosec.com/2017/03/29/do-you-know-what-your-erp-is-telling-us/
metadata:
verified: false
max-request: 2
tags: oracle,ebs,exposure,log,sensitive
http:
- method: GET
path:
- "{{BaseURL}}/html/bin/sqlnet.log"
- "{{BaseURL}}/OA_HTML/bin/sqlnet.log"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- "DESCRIPTION="
- "USER="
condition: and
- type: word
part: header
words:
- "text/plain"
- type: status
status:
- 200
# digest: 4b0a00483046022100fa1b1e14734bff3e46903819c35c016dea336b5c1e9eb1093cfb938c94974899022100e879a7ea0db18abe96cbbd0e5b5eac4bcae657ed58459a7c3c775feba263ce52:922c64590222798bb761d5b6d8e72950