However, I believe it delivers some additional value, if Oracle’s SQL Developer is the IDE of your choice. In the end this is just another PL/SQL Unwrapper. Is this really harmful? There are already a couple of other 10g unwrapper available, such as: Obviously I decided to publish it nonetheless. Marcel Lambrechts’ blog about Unwrapping Wrapped PL/SQL in Oracle 10gR2 – 12cR1Īfter flipping through all these pages I had some second thoughts about publishing an unwrapper, especially since David, Pete and Anton were a bit secretive about certain details such as the substitution table.Automatic Detection of Vulnerabilities in Wrapped Packages in Oracle by Yaron Gur-Arieh, Nikita Zubrilov and Ilya Kolchinsky.Anton Scheffler’s blog post about Unwrapping 10g wrapped PL/SQL.Pete Finnigan’s How to Unwrap PL/SQL. Pete provides a lot of useful resources on his blog and has shown in this post, that he owns unwrappers for 9i and 10g, which should be capable to handle every wrapped code.David Litchfield’s The Oracle Hacker’s Handbook: Hacking and Defending Oracle (chapter 5).In fact I googled and found the following information helpful: Print decode_base64_package ( base64str )Įven if this code looked straight forward on the first sight, it took me a moment or two to understand it.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |