CVE-2012-3137

This PoC exploits CVE-2012-3137, a vulnerability in Oracle TNS Listener, by crafting malicious TNS packets to trigger a buffer overflow, potentially leading to remote code execution. The script establishes a connection and sends specially crafted packets to manipulate the protocol negotiation phase.

This repository contains a proof-of-concept for CVE-2012-3137, which exploits a vulnerability in Oracle's authentication protocol. The code implements a man-in-the-middle (MitM) attack framework to intercept and manipulate network traffic.

This exploit demonstrates an authentication bypass vulnerability in Oracle Database 11g by decrypting session IDs using a list of common passwords. It leverages AES decryption with a SHA1-derived key to validate the password.