Installing Oracle Database Attacking Tool (ODAT) on Kali Rolling (2018)


I decided to write a quick little guide on installing the Oracle Database Attacking Tool (ODAT) on the latest version of Kali Linux since I noticed people were running into issues with it.

ODAT is an open source penetration testing tool targeted at attacking, and auditing the security of Oracle Database servers.


  1. git
  2. python 2.7.x
  3. An account on or use something like


Note: For this setup ODAT is being installed on the latest version of Kali at the moment (2018.2)

We are also installing the development version of ODAT (seems to work better than the release binaries)

Getting instaclient, sdk, and sqlplus

Oracle forces you to register to their site in order to download pretty much anything (thanks oracle).

You can create a temporary email using any temporary email service like, your own personal email (why?), or use the service to get a login. After you’ve logged in you need to download the following items.

(all version


we need to move all these files from the downloads directory into the /opt/oracle directory.

root@kali:~/Downloads# mkdir -p /opt/oracle/
root@kali:~/Downloads# cp instantclient-* /opt/oracle/

After you’ve downloaded the following files ensure you unzip the zip first.

root@kali:~/Downloads# cd /opt/oracle/
root@kali:/opt/oracle# unzip
root@kali:/opt/oracle# unzip
root@kali:/opt/oracle# unzip

You should now have an “instantclient_12_1” directory.

Create symlink to the so file.

root@kali:/opt/oracle# cd instantclient_12_1/
root@kali:/opt/oracle/instantclient_12_1# ln

Add the following to your bashrc

echo " 
export PATH=$PATH:/opt/oracle/instantclient_12_1
export SQLPATH=/opt/oracle/instantclient_12_1
export TNS_ADMIN=/opt/oracle/instantclient_12_1
export LD_LIBRARY_PATH=/opt/oracle/instantclient_12_1
export ORACLE_HOME=/opt/oracle/instantclient_12_1
" >> ~/.bashrc

reload bashrc

root@kali:/opt/oracle/instantclient_12_1# source ~/.bashrc

If you are able to run sqlplus without any errors you are good to continue.

root@kali:/opt/oracle/instantclient_12_1# sqlplus

SQL*Plus: Release Production on Wed Aug 1 03:08:10 2018

Copyright (c) 1982, 2014, Oracle.  All rights reserved.

Enter user-name:

Installing ODAT (development version)

From this point forward, it’s basically following the guide on the github setup page minus a few steps. (I recommend doing an apt-get update before performing the following steps)

root@kali:~# cd /opt/
root@kali:/opt# git clone
cd odat/

Install: libaio1 python-dev alien python-pip python-scapy

root@kali:/opt/odat# apt-get install -y libaio1 python-dev alien python-pip python-scapy

install: cx_Oracle

root@kali:/opt/odat# pip install cx_Oracle

Test to make sure the dependencies so far have installed correctly. You shouldn’t have any errors here.

root@kali:/opt/odat# python -c 'import cx_Oracle'

Install the following python packages from pip: colorlog termcolor pycrypto passlib argcomplete

root@kali:/opt/odat# pip install colorlog termcolor pycrypto passlib argcomplete 

Active python-argcomplete

root@kali:/opt/odat# activate-global-python-argcomplete

ODAT should be fully functioning without any issue. Good Luck

root@kali:/opt/odat# ./ -h
usage: [-h] [--version]

            _  __   _  ___
           / \|  \ / \|_ _|
          ( o ) o ) o || |
  _        __           _           ___
 / \      |  \         / \         |_ _|
( o )       o )         o |         | |
 \_/racle |__/atabase |_n_|ttacking |_|ool

By Quentin Hardy ( or

positional arguments:

                      Choose a main command
    all               to run all modules in order to know what it is possible to do
    tnscmd            to communicate with the TNS listener
    tnspoison         to exploit TNS poisoning attack
    sidguesser        to know valid SIDs
    passwordguesser   to know valid credentials
    utlhttp           to send HTTP requests or to scan ports
    httpuritype       to send HTTP requests or to scan ports
    utltcp            to scan ports
    ctxsys            to read files
    externaltable     to read files or to execute system commands/scripts
    dbmsxslprocessor  to upload files
    dbmsadvisor       to upload files
    utlfile           to download/upload/delete files
    dbmsscheduler     to execute system commands without a standard output
    java              to execute system commands
    passwordstealer   to get hashed Oracle passwords
    oradbg            to execute a bin or script
    dbmslob           to download files
    stealremotepwds   to steal hashed passwords thanks an authentication sniffing (CVE-2012-3137)
    userlikepwd       to try each Oracle username stored in the DB like the corresponding pwd
    smb               to capture the SMB authentication
    privesc           to gain elevated access
    cve               to exploit a CVE
    search            to search in databases, tables and columns
    unwrapper         to unwrap PL/SQL source code (no for 9i version)
    clean             clean traces and logs

optional arguments:
  -h, --help          show this help message and exit
  --version           show program's version number and exit
root@kali:/opt/odat# ./ --version
Version 2.3 - 2018/06/03