Search
Navigation
Top 60 Oracle Blogs
Dumping SGA to read encrypted blocks
After my last article AMM vs security, Martin Berger wrote to me:
well,
even without AMM you can do it:
write your own process which attaches to the same shm segments – and use its memory mapping (?)
My response was that it is also possible with ASMM but AMM makes it extremely easy. And this is because you can treat memory as regular binary files when operating on AMM.
Today I want to show you how dump blocks from SGA which is configured as ASMM to get into encrypted data which is also protected by Oracle Database Vault. To set up the environment I will use examples from a previous blog post.
Code for sgadump is written in GoLang, so please use those instructions to setup your environment: https://golang.org/doc/install
Please make sure that your ENV is set up properly:
[oracle@rokoko ~]$ cat .bash_profile | grep go GOPATH=/home/oracle/go PATH=$PATH:/usr/local/go/bin:$GOPATH/bin
After installing GoLang you can do the following to compile my tool:
[oracle@rokoko ~]$ mkdir -p ~/go/src/github.com/ghetzel [oracle@rokoko ~]$ mkdir -p ~/go/src/github.com/ora600pl [oracle@rokoko ~]$ cd ~/go/src/github.com/ghetzel [oracle@rokoko ghetzel]$ git clone https://github.com/ghetzel/shmtool Cloning into 'shmtool'... remote: Counting objects: 92, done. remote: Total 92 (delta 0), reused 0 (delta 0), pack-reused 92 Unpacking objects: 100% (92/92), done. [oracle@rokoko ghetzel]$ cd ~/go/src/github.com/ora600pl [oracle@rokoko ora600pl]$ git clone https://github.com/ora600pl/sgadump Cloning into 'sgadump'... remote: Counting objects: 9, done. remote: Compressing objects: 100% (7/7), done. remote: Total 9 (delta 0), reused 9 (delta 0), pack-reused 0 Unpacking objects: 100% (9/9), done. [oracle@rokoko ora600pl]$ cd sgadump/ [oracle@rokoko sgadump]$ ls README.md sgadump.go [oracle@rokoko sgadump]$ go install
If your ENV was setup properly, you’ll find a binary file under ~/go/bin/sgadump and use it like this:
[oracle@rokoko sgadump]$ sgadump sgadump by Kamil Stawiarski (@ora600pl) - dumps database blocks from SGA. Usage: sgadump -b block_size -d data_object_id -s shmid -o output_file_name
Cool, now let’s make sure, that we are using ASMM and not AMM:
SQL> sho parameters memory_target NAME TYPE VALUE ------------------------------------ ----------- ------------------------------ memory_target big integer 0 SQL> sho parameters sga_target NAME TYPE VALUE ------------------------------------ ----------- ------------------------------ sga_target big integer 1120M
Now we will check if the tool works – first of all we have to check data_object_id of HR.EMPLOYEES, load encrypted data to memory, get ID_SHM for SGA and dump blocks. Easy, right? 
.png){kind=small}
TweetsAbout Kamil Stawiarski
Popular content
Today's:
Monthly archive
- July 2013 (116)
- June 2013 (93)
- May 2013 (69)
- April 2013 (89)
- March 2013 (82)
- February 2013 (86)
- January 2013 (72)
- December 2012 (55)
- November 2012 (60)
- October 2012 (75)
- September 2012 (90)
- August 2012 (65)
- July 2012 (79)
- June 2012 (70)
- May 2012 (88)
- April 2012 (86)
- March 2012 (86)
- February 2012 (95)
- January 2012 (92)
- December 2011 (94)
- November 2011 (124)
- October 2011 (110)
- September 2011 (110)
- August 2011 (98)
- July 2011 (114)
- June 2011 (101)
- May 2011 (86)
- April 2011 (81)
- March 2011 (132)
- February 2011 (106)
Recent comments
25 weeks 3 days ago
37 weeks 4 days ago
41 weeks 6 days ago
42 weeks 4 days ago
47 weeks 2 days ago
1 year 16 weeks ago
1 year 36 weeks ago
2 years 14 weeks ago
2 years 50 weeks ago
2 years 51 weeks ago