Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Is it possible to read a SGA's memory architecture ?

Re: Is it possible to read a SGA's memory architecture ?

From: Vladimir M. Zakharychev <bob_at_dpsp-yes.com>
Date: Mon, 21 Oct 2002 22:48:03 +0400
Message-ID: <ap1i9o$28q$1@babylon.agtel.net> 





> The actual question I would think is what kernel or API call does one use to 

> read memory blocks allocated by another application. 

>

> Looking through the Win32 memory management API calls, the only candidates 

> seem to be:

> CopyMemory()

> VirtualQuery()

> 




How about ReadProcessMemory() and WriteProcessMemory() ? ;) Privileged
calls, restricted to debugging tools and likes, but still if you can get your 
process running as LocalSystem, you can get into any other process'
memory space and do whatever you like there.
Plus there's that Shatter technique that may be (or may be not) applicable
to Oracle - this one doesn't require any advanced privileges if you can find
a LocalSystem service that can interact with the desktop. You then use
pretty innocent messages to get your code into target's memory space and
execute it in that context...


-- 
Vladimir Zakharychev (bob@dpsp-yes.com)                http://www.dpsp-yes.com
Dynamic PSP(tm) - the first true RAD toolkit for Oracle-based internet applications.
All opinions are mine and do not necessarily go in line with those of my employer.


Received on Mon Oct 21 2002 - 13:48:03 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US