如何移除和重新安裝Oracle JVM步驟
前言
自從2018年8月10日發表Oracle JVM漏洞,攻擊者只要使用一些Java語法就可以取得主機控制權,開始有人詢問如何查詢DB內相關的Java物件和移除Oracle JVM的方法。
1.查詢Oracle DB內有關聯的JAVA物件
select
owner, status, count(*) from all_objects
where object_type like '%JAVA%' group
by owner, status;
如果要查詢元件名稱
select
owner, object_name from all_objects
where object_type like '%JAVA%';
2.確認移除OJVM的必要環境條件
Shared Pool 至少 96 MB 空間.
Java Pool 至少 50 MB 空間
SYSTEM tablespace 至少 70 MB 空間
SYSTEM RBS 至少 100 MB 空間
Java Pool 至少 50 MB 空間
SYSTEM tablespace 至少 70 MB 空間
SYSTEM RBS 至少 100 MB 空間
3.編輯移除的 SQL Script並執行
vi remove_ojvm.sql
加入以下的文字
spool remove_ojvm.log
set echo on
connect / as sysdba
startup mount
alter system set "_system_trig_enabled" = false
scope=memory;
alter system enable restricted session;
alter database open;
@?/rdbms/admin/catnoexf.sql
@?/rdbms/admin/catnojav.sql
@?/xdk/admin/rmxml.sql
@?/javavm/install/rmjvm.sql
truncate table java$jvm$status;
select * from obj$ where obj#=0 and type#=0;
delete from obj$ where obj#=0 and type#=0;
commit;
select owner, count(*) from all_objects
where object_type like '%JAVA%' group by owner;
select obj#, name from obj$
where type#=28 or type#=29 or type#=30 or namespace=32;
select o1.name from obj$ o1,obj$ o2
where o1.type#=5 and o1.owner#=1 and o1.name=o2.name and
o2.type#=29;
shutdown immediate
set echo off
spool off
exit
4. 確認執行結果
SQL> select owner, object_name from all_objects
where object_type like '%JAVA%';
2
5.如果要重新安裝OJVM
vi init_ojvm.sql 加入以下內容並執行
-- Start of File init_ojvm.sql
spool full_jvminst.log;
set echo on
connect / as sysdba
startup mount
alter system set "_system_trig_enabled" = false scope=memory;
alter database open;
select obj#, name from obj$
where type#=28 or type#=29 or type#=30 or namespace=32;
@?/javavm/install/initjvm.sql
select count(*), object_type from all_objects
where object_type like '%JAVA%' group by object_type;
@?/xdk/admin/initxml.sql
select count(*), object_type from all_objects
where object_type like '%JAVA%' group by object_type;
@?/xdk/admin/xmlja.sql
select count(*), object_type from all_objects
where object_type like '%JAVA%' group by object_type;
@?/rdbms/admin/catjava.sql
select count(*), object_type from all_objects
where object_type like '%JAVA%' group by object_type;
@?/rdbms/admin/catexf.sql
select count(*), object_type from all_objects
where object_type like '%JAVA%' group by object_type;
shutdown immediate
set echo off
spool off
exit
-- End of File init_ojvm.sql
set echo on
connect / as sysdba
startup mount
alter system set "_system_trig_enabled" = false scope=memory;
alter database open;
select obj#, name from obj$
where type#=28 or type#=29 or type#=30 or namespace=32;
@?/javavm/install/initjvm.sql
select count(*), object_type from all_objects
where object_type like '%JAVA%' group by object_type;
@?/xdk/admin/initxml.sql
select count(*), object_type from all_objects
where object_type like '%JAVA%' group by object_type;
@?/xdk/admin/xmlja.sql
select count(*), object_type from all_objects
where object_type like '%JAVA%' group by object_type;
@?/rdbms/admin/catjava.sql
select count(*), object_type from all_objects
where object_type like '%JAVA%' group by object_type;
@?/rdbms/admin/catexf.sql
select count(*), object_type from all_objects
where object_type like '%JAVA%' group by object_type;
shutdown immediate
set echo off
spool off
exit
-- End of File init_ojvm.sql
留言
張貼留言