Fri 26 Feb 2010
Of course, the usual caveats apply – if it breaks something, I’m not responsible 🙂 Use at your own risk. I’m using the sidlist.txt file from David’s OAK but there are plenty of available resources with common SID lists.
Update: Alex graciously let me know that he was the one that originally created the SID list and also granted me permission to use his latest version with the script.
Here are some usage details:
slavik@slavik-laptop:~/Oracle/Security/osid-enum$ ./osid-guess.py Usage: osid-guess.py [options]
osid-guess.py: error: You must provide the host of the listener
slavik@slavik-laptop:~/Oracle/Security/osid-enum$ ./osid-guess.py -h
Usage: osid-guess.py [options] Try to find the Oracle SID iterating a list of potential SIDs from a file or from stdin Options: --version show program's version number and exit -h, --help show this help message and exit Target options: Specify the location of the listener -t HOST, --host=HOST The host running the listener -p PORT, --port=PORT The port of the listener  -s SIDLIST, --sidlist=SIDLIST The filename containing the sids to try [stdin if missing] End user details: Specify end user details to send to the listener -u USER, --user=USER The user to provide to the listener [SCOTT] -a PROGRAM, --program=PROGRAM The program name to provide to the listner [sqlplus] -m MACHINE, --machine=MACHINE The name of the machine to provide to the listener [localhost]
General options: General options to control verbose output, etc. -q, --quiet don't print status messages to stdout [output progress to stdout by default] slavik@slavik-laptop:~/Oracle/Security/osid-enum$ ./osid-guess.py -t localhost Receiving service names from stdout Opening connection to localhost:1521 test Trying SERVICE_NAME - test Trying SID - test aaa Trying SERVICE_NAME - aaa Trying SID - aaa db11200 Trying SERVICE_NAME - db11200 Listener supports service db11200 Trying SID - db11200 Listener supports sid db11200 On *nix, you need to press Ctrl-D between names slavik@slavik-laptop:~/Oracle/Security/osid-enum$ ./osid-guess.py -t localhost -s sid.txt -q Listener supports service DB11200 Listener supports sid DB11200
So, that’s it. A very simple utility that does not have any pre-requisites (except Python, of course).
I’d love to hear some feedback…