2011, the project has been completely rewritten from scratch and this time in Java. The new version of OAP resolves many of the problems with the previous version and introduces threading, new features and an improved GUI.
The framework modules cover the following functionality:
- An Oracle client for crafting manual queries.
- An enumeration module for enumerating the Oracle SID.
- A threaded bruteforcer for checking for default credentials, SIDs or bruteforcing valid username/password combinations.
- An extensible exploit kit written using beanshell.
- A file system module for interacting with the host file system.
- OAPShell - an interactive command shell for executing commands on the host.
We are currently looking for beta testers, if this is something you may be interested in, please drop us an e-mail at research [at] mdsec [dot] co.uk.