diff --git a/database/story/intro/intro.md b/database/story/intro/intro.md index 5d9b7747..0698f9f2 100644 --- a/database/story/intro/intro.md +++ b/database/story/intro/intro.md @@ -30,7 +30,7 @@ In our scenario, this database contains sensitive data that could be used by the As your attack protocol progresses, you will test the same commands from the same interfaces, but this time pointing to another Oracle Database named PDB2. Oracle's recommended security controls protect PDB2. You will see how a well-configured database can block the most common attacks used to break in and steal data. -*Versions tested in this lab:* Oracle DB EE 19.23, OEM 13.5, AVDF 20.13 +*Versions tested in this lab:* Oracle DB EE 19.23, OEM 13.5, AVDF 20.13 an OKV 21.9 ### Objectives This lab helps you learn to use some of the most important security features of the Oracle Database. @@ -123,4 +123,4 @@ Unfortunately, whether you pay the ransom or not, your sensitive data is now out ## Acknowledgements - **Author** - Hakim Loumi, Database Security Senior Principal PM - **Contributors** - Russ Lowenthal, Database Security VP -- **Last Updated By/Date** - Hakim Loumi, Database Security PM - November 2024 \ No newline at end of file +- **Last Updated By/Date** - Hakim Loumi, Database Security PM - December 2024 \ No newline at end of file diff --git a/database/story/story-hack/story-hack.md b/database/story/story-hack/story-hack.md index 526e1130..04c22670 100644 --- a/database/story/story-hack/story-hack.md +++ b/database/story/story-hack/story-hack.md @@ -467,10 +467,11 @@ In this lab, you will perform a "UNION-based" SQL injection attack on an applica ``` - cd /home/oracle/DBSecLab/admin - stop_Glassfish.sh + cd $DBSEC_ADMIN + ./stop_Glassfish.sh sudo sed -i -e 's|pdb1|pdb2|g' /u01/app/glassfish/hr_prod_pdb2/WEB-INF/classes/hr.properties - start_Glassfish.sh + ./start_Glassfish.sh + cd $DBSEC_LABS/story-hack ```