The Web Local





SIDGuesser is as the name implies a small command-line based tool that tries to guess instance names for an Oracle database given a user supplied dictionary.  The speed of the tool is relatively slow (80-100 guesses per second) but it does the job.


Why do we need it?

The trouble with Oracle 10g and above is that the TNS Listener has a number of extra security features applied that precludes it giving away certain status and service information, (unlike Oracle 9i which gave away everything ;-) ). The database enumeration tools oscanner and oat generally rely on interrogating the Oracle TNS listener to pick up the database SID and with this information they then can perform a brute force/ dictionary based check of Oracle default user accounts and accounts with the same username as password etc.


Generally with 10g these 2 tools do not work unless a SID can be enumerated, in addition the oscanner tool cannot have a SID manually assigned leaving it pretty pointless for 10g usage! This new tool, which when tried against both Oracle 9 and 10 did pick up the database SID's. This information can then be supplied to opwg tool in the oat suite by means of the -d option and a breakout/check of user accounts will begin.


It is available from here.




To install simply download and create your own custom word file of common database names.




C:\Documents and Settings\hacker \Desktop\sid>SIDGuesser.exe


SIDGuesser v1.0.5 by


SIDGuesser.exe -i <ip> -d <dictionary> [options]



-p       <portnr> Use specific port (default 1521)
-r       <report> Report to file
-m       <mode> findfirst OR findall(default)


Expected Output:

Oracle 10g test:


C:\Documents and Settings\hacker \Desktop\sid>SIDGuesser.exe -i -d words.txt


SIDGuesser v1.0.5 by



Starting Dictionary Attack (<space> for stats, Q for quit) ...




Oracle 9i test:


If you choose to save it to a file i.e. C:\Documents and Settings\hacker\Desktop\sid>SIDGuesser.exe -i -d words.txt -r results.txt, the contents of the file will look like:


SIDGuesser v1.0.5 by






IT Security News:


Pen Testing Framework:


Latest Tool Reviews: