Your browser has been detected as Internet Explorer 6. Please note not all website functionality will be available. Therefore we strongry reccoment upgrading your browser.

About Us

Testing Services

Vulnerability assessment
7Safe’s vulnerability assessment and vulnerability testing service goes beyond simple automated tools and includes manual verification and the eyes of a real penetration testing team.
Penetration testing
Penetration testing, pen testing or sometimes known as “ethical hacking” is a security testing service that focuses on locating flaws in your networks, infrastructure and overall architecture.
Application testing
Our Application testing falls into several categories including web application testing, application security, remote access applications etc and involves intricate security testing to establish weaknesses and flaws.
Web application testing
A service that examines your web applications and web application security - from coding and implementation flaws through to simple issues including SQL injection and cross site scripting.
Database
7Safe is an authority on Database security testing which closely links with overall application security and web application security together with in-depth analysis of database security design and implementation.
Wireless security testing
A security testing service to assess the vulnerability of wireless security in the workplace and to establish how best to protect wireless networks.
PCI penetration testing
7Safe operates in the field Payment Card Industry Data Security Standard (PCI DSS) and PCI Compliance undertaking penetration testing for client Cardholder Data Environments (CDE).

7Safe Services

CREST Approved Pen Testing services

News & Events

Subscribe To Our Newsletter

31st October, 2011

Hacking Oracle From the Web: Part 2

The first sequel of this paper was released in 2010 and it discussed the privileges needed to execute OS code when exploiting a SQL Injection in a web application which has an Oracle back-end.

This paper examines new techniques to execute multiple statements via SQL Injection. No special privileges are needed to use these techniques and they work for all versions of Oracle Database from Oracle 9i to 11g R2. The paper specifically outlines how to achieve privilege escalation and OS code execution when exploiting SQL Injection vulnerability in a web app which in-turns connect to an Oracle database.

Click here to view white paper

7Safe London
27 Austin Friars
London
EC2N 2QP

Tel: +44 (0)870 600 1667
Fax: +44 (0)870 600 1668

7Safe Cambridge
South Cambridge Business Park
Sawston, Cambridge CB22 3JH
United Kingdom

Tel: +44 (0)870 600 1667
Fax: +44 (0)870 600 1668

About Us

Testing Services

7Safe Services

Follow us

News & Events

Hacking Oracle From the Web: Part 2