Skip to main content

Oracle Credentials

Description#

General#

  • Documentation: https://docs.oracle.com/en/database/oracle/oracle-database/index.html
  • Summary: Oracle database is a multi-model database management system. This detector aims at finding Oracle credentials in the form of URI connection strings.
  • IPs allowlist: This can be implemented on the server side.
  • Scopes: Oracle DB supports Role Based Access Control. Users can thus be granted with different access ranges. Here is a more detailed documentation on this topic.

Revoke the secret#

Primary administrators of the database can revoke and manage users' credentials. Users can also change their own password using command line tools.

Check for suspicious activity#

Database access logs can be stored and audited on the server side to investigate suspicious activities.

Details for Oracle uri#

  • Family: Database

  • Category: Data storage

  • High recall: True

  • Validity check available: False

  • Minimum number of matches: 8

  • Occurrences found for one million commits: 0.17

  • Prefixed: True

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions: []  banlist_filenames: []  check_binaries: false  include_default_banlist_extensions: true  ban_markup: false- type: ContentWhitelistPreValidator  patterns:  - oracle

Examples#

- text: |    CONNECTION_URI="oracle://root:p42pgsx0pf@google.com:5434/thegift"  host: google.com  port: "5434"  username: root  password: p42pgsx0pf  scheme: oracle  database: thegift  connection_uri: oracle://root:p42pgsx0pf@google.com:5434/thegift
# Test special characters in password- text: |    CONNECTION_URI="oracle://root:k44p!o@1kb@google.com:5434/thegift"  host: google.com  port: "5434"  username: root  password: k44p!o@1kb  scheme: oracle  database: thegift  connection_uri: oracle://root:k44p!o@1kb@google.com:5434/thegift
# Test detection in md files- text: |    CONNECTION_URI="oracle://root:k44p!o@1kb@google.com:5434/thegift"  host: google.com  port: "5434"  username: root  password: k44p!o@1kb  scheme: oracle  database: thegift  connection_uri: oracle://root:k44p!o@1kb@google.com:5434/thegift  filename: some_file.md