The following tutorial explains how to do an Oracle pentest with Backtrack 2.0. Nowadays there are many Oracle 10g databases around. Oracle did a good job (but not a
perfect) hardening the database out of the box. Most tutorials still describe how to break older 8i/9i databases. Most of the older tools are not working against the new 10g listener. We will show how to connect to an Oracle database, decrypt Oracle passwords, hack the TNS listener and escalate privileges.