(完整版)Oracle漏洞掃描安全加固

1、關(guān)于操作系統(tǒng)和數(shù)據(jù)庫(kù)合規(guī)檢查漏洞的解決方案 Oracle 數(shù)據(jù)庫(kù)分冊(cè)適用軟件版 本Oracle10g 、11g適本用硬件版主題關(guān)于操作系統(tǒng)和數(shù)據(jù)庫(kù)合規(guī)檢查漏洞的解決方案 Oracle 數(shù)據(jù)庫(kù)分冊(cè)1、 問(wèn)題描述與原因：Oracle 數(shù)據(jù)庫(kù)在合規(guī)檢查時(shí)被掃描出漏洞，要求對(duì)這些漏洞進(jìn)行解決。2、 應(yīng)對(duì)措施： 對(duì)存在漏洞進(jìn)行定制的安全加固操作。3、 執(zhí)行條件 / 注意事項(xiàng)：? 加固前確保服務(wù)器、數(shù)據(jù)庫(kù)、網(wǎng)管運(yùn)行均正常。最好重啟下服務(wù)器、數(shù)據(jù)庫(kù)和網(wǎng)管查看重 啟后網(wǎng)管是否能運(yùn)行正常。如果加固前服務(wù)器本身有問(wèn)題，加固后服務(wù)器運(yùn)行異常會(huì)加大 排查難度。? 本解決方案執(zhí)行完成后，需要重啟 Oracle 數(shù)據(jù)庫(kù)來(lái)

2、生效某些操作。? 本解決方案不必完全執(zhí)行，請(qǐng)根據(jù)系統(tǒng)掃描出的漏洞選擇對(duì)應(yīng)的漏洞條目進(jìn)行操作。? 如無(wú)特殊說(shuō)明，本文中的執(zhí)行用戶均為 oracle4、 操作步驟：漏洞清單（單擊可跳轉(zhuǎn)）： （注：漏洞名稱與配置項(xiàng)信息中的配置項(xiàng)名稱對(duì)應(yīng)。） 漏洞 1.檢查是否對(duì)用戶的屬性進(jìn)行控制（5）漏洞 2.檢查是否配置 Oracle 軟件賬戶的安全策略 （2）漏洞 3.檢查是否啟用數(shù)據(jù)字典保護(hù)漏洞 4.檢查是否在數(shù)據(jù)庫(kù)對(duì)象上設(shè)置了VPD和 OLS（6）漏洞 5.檢查是否存在 dvsys 用戶 dbms_macadm對(duì)象 （ 14）漏洞 6.檢查是否數(shù)據(jù)庫(kù)應(yīng)配置日志功能 （11）漏洞 7.檢查是否記錄操作日志 （

3、13）漏洞 8.檢查是否記錄安全事件日志 （7）漏洞 9.檢查是否根據(jù)業(yè)務(wù)要求制定數(shù)據(jù)庫(kù)審計(jì)策略漏洞 10.檢查是否為監(jiān)聽(tīng)設(shè)置密碼漏洞 11.檢查是否限制可以訪問(wèn)數(shù)據(jù)庫(kù)的地址 （1）漏洞 12.檢查是否使用加密傳輸 （4）漏洞 13.檢查是否設(shè)置超時(shí)時(shí)間 （15）漏洞 14.檢查是否設(shè)置 DBA組用戶數(shù)量限制 （ 3）漏洞15.檢查是否刪除或者鎖定無(wú)關(guān)帳號(hào)漏洞 16.檢查是否限制具備數(shù)據(jù)庫(kù)超級(jí)管理員（SYSDB）A 權(quán)限的用戶遠(yuǎn)程登錄 （10）漏洞17.檢查口令強(qiáng)度設(shè)置 （17）漏洞 18.檢查帳戶口令生存周期 （ 12）漏洞 19.檢查是否設(shè)置記住歷史密碼次數(shù) （ 8）漏洞 20.檢查是否配

4、置最大認(rèn)證失敗次數(shù)漏洞21.檢查是否在配置用戶所需的最小權(quán)限 （ 9）漏洞22.檢查是否使用數(shù)據(jù)庫(kù)角色（ ROLE）來(lái)管理對(duì)象的權(quán)限 （16）漏洞23.檢查是否更改數(shù)據(jù)庫(kù)默認(rèn)帳號(hào)的密碼執(zhí)行 Oracle 安全加固操作前備份文件：bash-3.2$ cp $ORACLE_HOME/network/admin/listener.ora $ORACLE_HOME/network/admin/listene bash-3.2$ cp $ORACLE_HOME/network/admin/sqlnet.ora $ORACLE_HOME/network/admin/sqlnet.or a

5、.orgOracle 數(shù)據(jù)庫(kù)漏洞的解決方案全部執(zhí)行完成后，需要重啟 Oracle 實(shí)例來(lái)生效某些操作。漏洞 1.檢查是否對(duì)用戶的屬性進(jìn)行控制類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：SQL> select count(t.username) from dba_users t where profile not in ('DEFAULT','MONITORING_PROFILE');COUNT(T.USERNAME) 0解決方案：暫時(shí)不處理。漏洞 2.檢查是否配置 Oracle 軟件賬戶的安全策略類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：略解決方案： 暫時(shí)不處理漏洞3.

6、檢查是否啟用數(shù)據(jù)字典保護(hù)類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：SQL> select value from v$parameter where name like '%O7_DICTIONARY_ACCESSIBILITY%'sele ct value from v$parameter where name like '%O7_DICTIONARY_ACCESSIBILITY%'*ERROR at line 1:ORA-01034: ORACLE not availableProcess ID: 0Session ID: 0 Serial number: 0

7、解決方案：在數(shù)據(jù)庫(kù)啟動(dòng)的情況下，通過(guò)下面的命令檢查 o7_dictionary_accessibility 的參數(shù) 值:bash-3.2$ sqlplus system/oracle<SID>SQL*Plus: Release .0 - Production on Thu Jan 9 11:33:56 2014Copyright (c) 1982, 2007, Oracle. All Rights Reserved.Connected to:Oracle Database 10g Enterprise Edition Release .0 - Pro

8、ductionWith the Partitioning, OLAP, Data Mining and Real Application Testing optionsSQL> show parameter o7_dictionary_accessibility;NAME TYPE VALUE O7_DICTIONARY_ACCESSIBILITY boolean FALSE 檢查出默認(rèn)的結(jié)果是 FALSE后，使用下面的命令退出 SQL*PLUS：SQL> exitDisconnected from Oracle Database 11g Enterprise Edition Re

9、lease .0 - 64bit Pro ductionWith the Partitioning, OLAP, Data Mining and Real Application Testing options漏洞 4. 檢查是否在數(shù)據(jù)庫(kù)對(duì)象上設(shè)置了VPD和 OLS類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：SQL> select count(*) from v$vpd_policy;COUNT(*)0-解決方案：暫時(shí)不處理。漏洞 5. 檢查是否存在 dvsys 用戶 dbms_macadm對(duì)象 類型： Oracle 數(shù)據(jù)庫(kù)類 問(wèn)題：SQL> select count(*)

10、 from dba_users where username='DVSYS'COUNT(*)0 解決方案： 暫時(shí)不處理。漏洞 6. 檢查是否數(shù)據(jù)庫(kù)應(yīng)配置日志功能 類型： Oracle 數(shù)據(jù)庫(kù)類 問(wèn)題：SQL> select count(*) from dba_triggers t where trim(t.triggering_event) = trim('LOGON ');COUNT(*)- - C- - O- - -U -0-N- T(*) 解決方案： 暫時(shí)不處理。漏洞 7. 檢查是否記錄操作日志 類型： Oracle 數(shù)據(jù)庫(kù)類 問(wèn)題：SQL>

11、select value from v$parameter t where = 'audit_trail'select value from v$parameter t where = 'audit_trail'ERROR at line 1:ORA-01034: ORACLE not availableProcess ID: 0Session ID: 0 Serial number: 0 解決方案： 暫時(shí)不處理。漏洞8.檢查是否記錄安全事件日志類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：SQL> select count(*) fro

12、m dba_triggers t where trim(t.triggering_event) = trim('LOGON'); COUNT(*) 0- 解決方案： 暫時(shí)不處理。漏洞 9. 檢查是否根據(jù)業(yè)務(wù)要求制定數(shù)據(jù)庫(kù)審計(jì)策略類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：SQL> select value from v$parameter t where = 'audit_trail'select value from v$parameter t where = 'audit_trail'*ERROR at line 1

13、:ORA-01034: ORACLE not availableProcess ID: 0Session ID: 0 Serial number: 0解決方案：暫時(shí)不處理。漏洞 10. 檢查是否為監(jiān)聽(tīng)設(shè)置密碼類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：$ cat find $ORACLE_HOME -name sqlnet.ora | grep -v "#"|grep -v "$"find: 0652-081 can not change directory to </oracle/app/oracle/dbhome_1/sysman/config/pre

14、f>: : The file a ccess permissions do not allow the specified action.$ cat find $ORACLE_HOME -name listener.ora | grep -v "#"|grep -v "$"find: 0652-081 c annot change directory to </oracle/app/oracle/dbhome_1/sysman/config/pref>: : The file access permissions do not allo

15、w the specified action.SID_LIST_LISTENER = (SID_LIST = (SID_DESC = (SID_NAME = PLSExtProc) (ORACLE_HOME = /oracle/app/oracle/dbho me_1) (PROGRAM = extproc) ) (SID_DESC = (GLOBAL_DBNAME = minos) (O RACLE_HOME = /oracle/app/oracle/dbhome_1) (SID_NAME = minos) ) )LISTENER = (D ESCRIPTION_LIST = (DESCRI

16、PTION = (ADDRESS = (PROTOCOL = TCP)(HOST = 100.92.255. 141)(PORT = 1521) ) )ADR_BASE_LISTENER = /oracle/app/oracle解決方案：bash-3.2$ lsnrctlLSNRCTL for IBM/AIX RISC System/6000: Version .0 - Production on 08-JAN-2014 1 5:11:21Copyright (c) 1991, 2011, Oracle. All rights reserved.Welcome to LSNRC

17、TL, type "help" for information.LSNRCTL>c hange_passwordOld password: < 如果之前沒(méi)有密碼則這里不填，直接按 Enter 鍵 >New password:Reenter new password:Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=2)(PORT=1521) Password changed for LISTENERThe command completed successfullyLSNR

18、CTL>s ave_configConnecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=2)(PORT=1521) Saved LISTENER configuration parameters.Listener Parameter File /oracle/app/oracle//dbhome_1/network/admin/listener.o raOld Parameter File /oracle/app/oracle//dbhome_1/network/admin/li

19、stener.bakThe command completed successfully LSNRCTL>e xitbash-3.2$設(shè)置完成后通過(guò)下面的命令檢查：bash-3.2$ cat $ORACLE_HOME/network/admin/listener.ora | grep "PASSWORDS" 有輸出則說(shuō)明已經(jīng)設(shè)置成功了。漏洞 11. 檢查是否限制可以訪問(wèn)數(shù)據(jù)庫(kù)的地址類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：$ cat find $ORACLE_HOME -name sqlnet.ora | grep -v "#"|grep -v &quo

20、t;$"find: 0652-081 can not change directory to </oracle/app/oracle/dbhome_1/sysman/config/pref>: : The file a ccess permissions do not allow the specified action.$ cat find $ORACLE_HOME -name listener.ora | grep -v "#"|grep -v "$"find: 0652-081 c annot change directory

21、 to </oracle/app/oracle/dbhome_1/sysman/config/pref>: : The file access permissions do not allow the specified action.SID_LIST_LISTENER = (SID_LIST = (SID_DESC = (SID_NAME = PLSExtProc) (ORACLE_HOME = /oracle/app/oracle/dbho me_1) (PROGRAM = extproc) ) (SID_DESC = (GLOBAL_DBNAME = minos) (O RA

22、CLE_HOME = /oracle/app/oracle/dbhome_1) (SID_NAME = minos) ) )LISTENER = (D ESCRIPTION_LIST = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = 100.92.255. 141)(PORT = 1521) ) )ADR BASE LISTENER = /oracle/app/oracle解決方案：檢查 $ORACLE_HOME/network/admin/sqlnet.ora 文件中是否有以下行： TCP.VALIDNODE_CHECKING = YES

23、TCP.INVITED_NODES = (<host_1>, <host_2>, ) 其中 <host_x> 是允許訪問(wèn)本數(shù)據(jù)庫(kù)的 IP 地址。 如果沒(méi)有，則根據(jù)需要在文件中添加，隨后重啟數(shù)據(jù)庫(kù)。 重啟完成后，則數(shù)據(jù)庫(kù)只允許 TCP.INVITED_NODES列出的 IP 來(lái)訪問(wèn)。如果不存在 sqlnet.ora 文件，請(qǐng)使用以下命令創(chuàng)建此文件后再實(shí)施上面的操作： bash-3.2$ touch $ORACLE_HOME/network/admin/sqlnet.ora漏洞 12. 檢查是否使用加密傳輸類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：$ cat find

24、 $ORACLE_HOME -name sqlnet.ora | grep -v "#"|grep -v "$"find: 0652-081 can not change directory to </oracle/app/oracle/dbhome_1/sysman/config/pref>: : The file a ccess permissions do not allow the specified action.$ cat find $ORACLE_HOME -name listener.ora | grep -v "#

25、"|grep -v "$"find: 0652-081 c annot change directory to </oracle/app/oracle/dbhome_1/sysman/config/pref>: : The file access permissions do not allow the specified action.SID_LIST_LISTENER = (SID_LIST =(SID_DESC = (SID_NAME = PLSExtProc) (ORACLE_HOME = /oracle/app/oracle/dbhome_1

26、) (PROGRAM = extproc)(SID_DESC = (GLOBAL_DBNAME = minos) (ORACLE_HOME = /oracle/app/oracle/dbhome_1) (SID_NAME = minos) )LISTENER =(DESCRIPTION_LIST = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = 41)(PORT = 1521) )ADR_BASE_LISTENER = /oracle/app/oracle 解決方案： 暫時(shí)不處理。漏洞13.檢查是否設(shè)置超時(shí)時(shí)間類型：

27、 Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：$ cat find $ORACLE_HOME -name sqlnet.ora | grep -v "#"|grep -v "$"find: 0652-081 cannot change directory to </oracle/app/oracle/dbhome_1/sysman/config/pr ef>: The file access permissions do not allow the specified action.$ cat find $ORACLE_HOME -name listener

28、.ora | grep -v "#"|grep -v "$"find: 0652-081 cannot change directory to </oracle/app/oracle/dbhome_1/sysman/config/pr ef>: The file access permissions do not allow the specified action.SID_LIST_LISTENER =(SID_LIST =(SID_DESC =(SID_NAME = PLSExtProc)(ORACLE_HOME = /oracle/ap

29、p/oracle/dbhome_1) (PROGRAM = extproc)(SID_DESC =(GLOBAL_DBNAME = minos)(ORACLE_HOME = /oracle/app/oracle/dbhome_1) (SID_NAME = minos)LISTENER =(DESCRIPTION_LIST =(DESCRIPTION =(ADDRESS = (PROTOCOL = TCP)(HOST = 41)(PORT = 1521) ADR_BASE_LISTENER = /oracle/app/oracle解決方案：通過(guò)下面的命令檢查是否 設(shè)置了

30、SQLNET.EXPIRE_TIME的參數(shù)值為 10： bash-3.2$ grep -i "SQLNET.EXPIRE_TIME" $ORACLE_HOME/network/admin/sqlnet.ora 如果沒(méi)有設(shè)置，在 $ORACLE_HOME/network/admin/sqlnet.ora 文件中添加一行： SQLNET.EXPIRE_TIME=10 隨后重新啟動(dòng)監(jiān)聽(tīng)和數(shù)據(jù)庫(kù)。如果不存在 sqlnet.ora 文件，請(qǐng)使用以下命令創(chuàng)建此文件后再實(shí)施上面的操作： bash-3.2$ touch $ORACLE HOME/network/admin/sqlnet.o

31、ra漏洞 14.檢查是否設(shè)置 DBA組用戶數(shù)量限制類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：略解決方案： 手動(dòng)將其他非 oracle 的用戶從 dba 組中刪除，將 oracle 用戶從 root 或 system 組中 刪除。查詢用戶所屬組的命令是 groups <username> 。改變用戶所屬組的命令是 usermod -G <groupname1> , <groupname2> <username> 。漏洞 15. 檢查是否刪除或者鎖定無(wú)關(guān)帳號(hào)類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：SQL> select t.username from d

32、ba_users t where t.account_status = 'OPEN'select t.userna me from dba_users t where t.account_status = 'OPEN'*ERROR at line 1:ORA-01034: ORACLE n ot availableProcess ID: 0Session ID: 0 Serial number: 0解決方案： 暫時(shí)不處理。漏洞16. 檢查是否限制具備數(shù)據(jù)庫(kù)超級(jí)管理員(SYSDB)A 權(quán)限的用戶遠(yuǎn)程登錄類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：SQL> selec

33、t t.VALUE from v$parameter t where upper(t.NAME) like '%REMOTE_LOGIN_PASSWOR DFILE%'VALUE EXCLUSIVE 解決方案： 在數(shù)據(jù)庫(kù)啟動(dòng)時(shí)，通過(guò)下面的命令檢查 remote_login_passwordfile 的參數(shù)值： bash-3.2$ sqlplus sys/oracle<SID> as sysdbaSQL*Plus: Release .0 - Production on Thu Jan 9 11:33:56 2014Copyright (c) 1982,

34、 2007, Oracle. All Rights Reserved.Connected to:Oracle Database 10g Enterprise Edition Release .0 - ProductionWith the Partitioning, OLAP, Data Mining and Real Application Testing optionsSQL> show parameters remote login passwordfile;NAME TYPE VALUENONE： remote_login_passwordfile string E

35、XCLUSIVE 如果參數(shù)值為 NONE，則默認(rèn)滿足安全要求。否則，通過(guò)下面的SQL語(yǔ)句修改參數(shù)值為SQL> alter system set remote_login_passwordfile=NONE scope=spfile;System altered.修改后重啟數(shù)據(jù)庫(kù)：SQL> shutdown immediateDatabase closed.Database dismounted.ORACLE instance shut down.bash-3.2$ export ORACLE_SID=<SID>bash-3.2$ sqlplus /nologSQL*Pl

36、us: Release .0 - Production on Tue May 20 11:01:55 2014Copyright (c) 1982, 2010, Oracle. All Rights Reserved.SQL> conn / as sysdbaConnected to an idle instance.SQL> startupORACLE instance started.Total System Global Area 8589934592 bytesFixed Size 2065744 bytesVariable Size3238009520 b

37、ytesDatabase Buffers5301600256 bytesRedo Buffers 48259072 bytesDatabase mounted.DDaattaabbaassee ompoeunneted.d .SQL>檢查參數(shù)值是否修改成功：SQL> show parameters remote_login_passwordfile;NAME TYPE VALUE remote_login_passwordfile string NONE 修改成功后退出 SQL*PLUS：SQL> exitDisconnected from Oracle Database 1

38、0g Enterprise Edition Release .0 - Productio nWith the Partitioning, OLAP, Data Mining and Real Application Testing options漏洞 17. 檢查口令強(qiáng)度設(shè)置類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：SQL> select count(*) from dba_profiles where resource_name = 'PASSWORD_VERIFY_FUNCTION' and limit = 'NULL'COUNT(*)1 解

39、決方案： 暫時(shí)不處理。漏洞 18. 檢查帳戶口令生存周期類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：SQL> select limit from dba_profiles t where resource_name = 'PASSWORD_LIFE_TIME'LIMIT UNLIMITEDDEFAULTDEFAULT解決方案： 暫時(shí)不處理。漏洞 19. 檢查是否設(shè)置記住歷史密碼次數(shù) 類型： Oracle 數(shù)據(jù)庫(kù)類 問(wèn)題：SQL> select limit from dba_profiles t where resource_name = 'PASSWORD_REUS

40、E_MAX'LIMITUNLIMITEDDEFAULTDEFAULT 解決方案： 暫時(shí)不處理。漏洞 20. 檢查是否配置最大認(rèn)證失敗次數(shù) 類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：SQL> select limit from dba_profiles t where resource_name = 'FAILED_LOGIN_ATTEMPTS' select limit from dba_profiles t where resource_name = 'FAILED_LOGIN_ATTEMPTS'ERROR at line 1:ORA-01034: O

41、RACLE not available Process ID: 0Session ID: 0 Serial number: 0 解決方案： 在數(shù)據(jù)庫(kù)啟動(dòng)的情況下，通過(guò)下面的命令檢查FAILED_LOGIN_ATTEMPT的S值 :bash-3.2$ sqlplus system/oracle<SID>SQL*Plus: Release .0 - Production on Thu Jan 9 11:33:56 2014 Copyright (c) 1982, 2007, Oracle. All Rights Reserved.Connected to:Oracle

42、Database 10g Enterprise Edition Release .0 - Production With the Partitioning, OLAP, Data Mining and Real Application Testing optionsSQL> SELECT RESOURCE_NAME, LIMIT FROM DBA_PROFILES WHERE RESOURCE_NAME='FAILED_LOGIN_AT TEMPTS' AND PROFILE='DEFAULT'RESOURCE_NAME LIMIT FAI

43、LED_LOGIN_ATTEMPTS UNLIMITED如果 LIMIT 的值為 6，則符合安全要求。否則，通過(guò)下面的SQL語(yǔ)句修改參數(shù)值：SQL> ALTER PROFILE DEFAULT LIMIT FAILED_LOGIN_ATTEMPTS 6;Profile altered.檢查參數(shù)值是否修改成功：SQL> SELECT RESOURCE_NAME, LIMIT FROM DBA_PROFILES WHERE RESOURCE_NAME='FAILED_LOGIN_AT TEMPTS' AND PROFILE='DEFAULT'RESOUR

44、CE_NAME LIMIT FAILED_LOGIN_ATTEMPTS 6 修改成功后退出 SQL*PLUS：SQL> exitDisconnected from Oracle Database 10g Enterprise Edition Release .0 - Productio nWith the Partitioning, OLAP, Data Mining and Real Application Testing options漏洞 21. 檢查是否在配置用戶所需的最小權(quán)限類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：SQL> select count(a.use

45、rname) from dba_users a left join dba_role_privs b on a.usernam e = b.grantee where granted_role = 'DBA' and a.username not in ('SYS','SYSMAN','SYSTEM ','WKSYS','CTXSYS');COUNT(A.USERNAME) 19解決方案：暫時(shí)不處理。漏洞 22. 檢查是否使用數(shù)據(jù)庫(kù)角色( ROLE)來(lái)管理對(duì)象的權(quán)限 類型： Oracle 數(shù)據(jù)庫(kù)類

46、問(wèn)題：SQL> select count(a.username) from dba_users a left join dba_role_privs b on a.usernam e = b.grantee where granted_role = 'DBA' and a.username not in ('SYS','SYSMAN','SYSTEM ','WKSYS','CTXSYS');COUNT(A.USERNAME)-C - -O - - U - - N- - T- -( - A-1-

47、.-9U- -S ERNAME)解決方案： 暫時(shí)不處理。漏洞 23. 檢查是否更改數(shù)據(jù)庫(kù)默認(rèn)帳號(hào)的密碼類型： Oracle 數(shù)據(jù)庫(kù)類問(wèn)題：SQL> select username,password from dba_users where password in('DF02A496267DEE66','2BE6 F80744E08FEB','9793B3777CD3BD1A','CE4A36B8E06CA59C','9C30855E7E0CB02D','6399F3B38EDF328 8');

48、USERNAME PASSWORD DIP CE4A36B8E06CA59CMDDATA DF02A496267DEE66SQL> select username,password from dba_users where password in('66F4EF5650C20355','BFBA 5A553FD9E28A','7C9BA362F8314299','71E687F036AD56E5','anonymous','88D8364765FCE6AF'); USERNAME PASSWORD EXFSYS 66F4EF5650C20355ANONYMOUSWMSYSCTXSYSDMSYSXDB6 rows selected.anonymous7C9BA362F831429971E687F036AD56E5BFBA5A553FD9E28A88D8364765FCE6AFSQL> s