Merge branch 'master-python3' of https://github.com/quentinhardy/odat …

…into master-python3
quentinhardy · Apr 2, 2020 · 61fdba7 · 61fdba7
2 parents ca8bd80 + b3b4384
commit 61fdba7
Showing 1 changed file with 6 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -16,7 +16,7 @@ Usage examples of ODAT:
 
 Tested on Oracle Database __10g__,  __11g__,  __12c__ and __18c__.
 
-__ODAT linux standalone__ version at [https://github.com/quentinhardy/odat/releases/](https://github.com/quentinhardy/odat/releases/). Notice it is recommended to use the development version (*git clone*).
+__ODAT linux standalone__ version at [https://github.com/quentinhardy/odat/releases/](https://github.com/quentinhardy/odat/releases/). Notice it is recommended to use the development version  (*git clone*), *master-python3* branch (python 3 version).
 
 Changelog
 ====
@@ -118,6 +118,7 @@ Thanks to ODAT, you can:
   * oradbg
 * __download files__ stored on the database server using:
   * UTL_FILE
+  * DBMS_XSLPROCESSOR
   * external tables
   * CTXSYS
   * DBMS_LOB
@@ -127,7 +128,7 @@ Thanks to ODAT, you can:
   * DBMS_ADVISOR
 * __delete files__ using:
   * UTL_FILE
-* __gain privileged access__ using these following system privileges combinations (see help for *privesc* module commands): (__NEW__ : 2016/02/21)
+* __gain privileged access__ using these following system privileges combinations (see help for *privesc* module commands):
   * CREATE ANY PROCEDURE
   * CREATE PROCEDURE and EXECUTE ANY PROCEDURE
   * CREATE ANY TRIGER (and CREATE PROCEDURE)
@@ -147,12 +148,11 @@ Thanks to ODAT, you can:
       * pickup the session key and salt for arbitrary users
       * attack by dictionary on sessions
   * the [__CVE-2012-????__](https://twitter.com/gokhanatil/status/595853921479991297): A user authenticated can modify all tables who can select even if he can't modify them normally (no ALTER privilege). 
-  * the [__CVE-2012-1675__](http://seclists.org/fulldisclosure/2012/Apr/204) (aka TNS poisoning attack) (__NEW__ : 25/03/2016)
+  * the [__CVE-2012-1675__](http://seclists.org/fulldisclosure/2012/Apr/204) (aka TNS poisoning attack)
 * __search in column names__ thanks to the *search* module:
   * search a pattern (ex: password) in column names
 * __unwrap__ PL/SQL source code (10g/11g and 12c)
-* get __system privileges__ and __roles granted__. It is possible to get privileges and roles of roles granted also (__NEW__ : 21/02/2016)
-
+* get __system privileges__ and __roles granted__. It is possible to get privileges and roles of roles granted also
 ![Alt text](./pictures/ODAT_main_features_v2.0.jpg)
 
 Supported Platforms and dependencies
@@ -221,7 +221,7 @@ sudo dpkg -i oracle-instantclient19.3-devel_???_???.deb
 ```bash
 export ORACLE_HOME=/usr/lib/oracle/19.3/client64/
 export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$ORACLE_HOME/lib
-export PATH=$ORACLE_HOME/bin:$PATH
+export PATH=${ORACLE_HOME}bin:$PATH
 ```
 
 * Restart your session (to apply env variables)