‘Rootkiting Your Database’


Operating Systems and Databases are quite similar in the architecture. Both have: Users, Processes, Jobs, Executables, Symbolic Links, etc. Therefore a database can be considered to be a kind of an operating system. If a database is a kind of operating system it should be possible to migrate operating system malware (like rootkits or viruses) to the database world. The following linked paper will try to explain how this migration can be done.’


‘The information has been provided by Kornbrust, Alexander.
The original article can be found at: http://www.red-database-security.com/wp/db_rootkits_us.pdf


Alexander Kornbrust has found a new class of security vulnerabilities. By doing modifications in the metadata it is possible to create application rootkits (e.g. database rootkits). It is for example possible to create hidden users in an Oracle database. These users are invisible to most of the tools (even Oracle security scanner).’

Categories: Reviews