Oracle Install Notes
Install Notes/Directions for the Oracle Mixin. Tested on Ubuntu 8.04/8.10/9.04 and OS X. Thus far does NOT work on Windows. If you get it working please email CG@MSF with directions.
-start with a working version of the Metasploit Framework 3.3 trunk
############################# # install oracle instantclient # http://www.oracle.com/technology/software/tech/oci/instantclient/index.html # recommend instantclient 10, this should allow you to talk with 8,9,10,&11 versions. ############################# Grab *Instant Client Package - Basic *Instant Client Package - SDK (devel) *Instant Client Package - SQL*Plus **not needed for metasploit but useful to have --unzip into /opt/oracle cg@segfault:~/$ cd /opt/oracle cg@segfault:/opt/oracle$ unzip /opt/oracle/oracle-instantclient-basic-10.2.0.4-1.i386.zip cg@segfault:/opt/oracle$ unzip /opt/oracle/oracle-instantclient-sqlplus-10.2.0.4-1.i386.zip cg@segfault:/opt/oracle$ unzip /opt/oracle/oracle-instantclient-devel-10.2.0.4-1.i386.zip it will unzip everything into /opt/oracle/instantclient_10_2/ create your symlink cg@segfault:/opt/oracle/instantclient_10_2$ ln -s libclntsh.so.10.1 libclntsh.so ######################## # Set up your environment ######################## *you can either create .sh file to make the appropriate changes when you need it or just add it to your .bashrc .bashrc export PATH=$PATH:/opt/oracle/instantclient_10_2 export SQLPATH=/opt/oracle/instantclient_10_2 export TNS_ADMIN=/opt/oracle/instantclient_10_2 export LD_LIBRARY_PATH=/opt/oracle/instantclient_10_2 export ORACLE_HOME=/opt/oracle/instantclient_10_2 ######################## # Install ruby-oci8 VERSION IS IMPORTANT!! # # For ruby 1.8 & ruby 1.9, grab this version of the oci8 driver. # http://rubyforge.org/frs/download.php/65896/ruby-oci8-2.0.3.tar.gz ######################## cg@segfault:~$ tar xvzf ruby-oci8-2.0.3.tar.gz cg@segfault:~$ cd ruby-oci8-2.0.3/ (Hint: Cat the ruby-oci8-2.0.3/README file in another terminal for reference) (You must be within the same terminal & directory you are installing and setting the library) cg@segfault:~/ruby-oci8-2.0.3$ env cg@segfault:~/ruby-oci8-2.0.3$ LD_LIBRARY_PATH=/opt/oracle/instantclient_10_2/ cg@segfault:~/ruby-oci8-2.0.3$ export LD_LIBRARY_PATH cg@segfault:~/ruby-oci8-2.0.3$ env | grep LD_LIBRARY_PATH cg@segfault:~/ruby-oci8-2.0.3$ make cg@segfault:~/ruby-oci8-2.0.3$ sudo make install ######################## # verify sqlplus works ######################## cg@segfault:~$ sqlplus SQL*Plus: Release 10.2.0.4.0 - Production on Sun May 3 12:24:51 2009 Copyright (c) 1982, 2007, Oracle. All Rights Reserved. Enter user-name: ######################## # test the Oracle modules ######################## msf auxiliary(sql) > run [*] Sending SQL... [*] Oracle8i Enterprise Edition Release 8.1.7.0.0 - Production [*] PL/SQL Release 8.1.7.0.0 - Production [*] CORE 8.1.7.0.0 Production [*] TNS for Solaris: Version 8.1.7.0.0 - Production [*] NLSRTL Version 3.4.1.0.0 - Production [*] Done... [*] Auxiliary module execution completed msf auxiliary(sql) >
Common Errors
When I tried to run the oracle_login I get the following error:
msf auxiliary(oracle_login) > run [*] Starting brute force on 192.168.1.100:1521... [-] Auxiliary failed: NameError uninitialized constant OCIError [-] Call stack: [-] /msf3/data/msfweb/vendor/rails/activesupport/lib/active_support/dependencies.rb:443:in `load_missing_constant' [-] /msf3/data/msfweb/vendor/rails/activesupport/lib/active_support/dependencies.rb:80:in `const_missing_with_dependencies' [-] /msf3/data/msfweb/vendor/rails/activesupport/lib/active_support/dependencies.rb:92:in `const_missing' [-] (eval):55:in `rescue in block in run' [-] (eval):52:in `block in run' [-] /usr/lib/ruby/1.9.1/csv.rb:1761:in `each' [-] /usr/lib/ruby/1.9.1/csv.rb:1197:in `block in foreach' [-] /usr/lib/ruby/1.9.1/csv.rb:1335:in `open' [-] /usr/lib/ruby/1.9.1/csv.rb:1196:in `foreach' [-] (eval):47:in `run' [*] Auxiliary module execution completed
Solution: install the ruby-oci8 gem
Key Contributors: Mario Ceballos, Chris Gates, Alexander Polyakov, Rory McCune.