O SpecGold OracleBusIntApps7 clr



   Call us now 

  Manchester Office

  +44 (0) 8450 940 998




Welcome to the Beyond Blog

As you'd expect from the winners of the Specialized Partner of the Year: Business Analytics at the Oracle UKI Specialized Partner Awards 2014, Beyond work with leading edge BI Applications primarily within the UK Public Sector. We intend to share some of our ideas and discoveries via our blog and hopefully enrich the wider discussion surrounding Oracle Business Intelligence and driving improved insight for customers

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
  • Team Blogs
    Team Blogs Find your favorite team blogs here.
  • Login
    Login Login form
Subscribe to this list via RSS Blog posts tagged in APEX

With machine learning being one of te big things at the moment, I thought I'd cast my mind back to my first ever c programming assignment at university - write the game of Pangolins. The game is based on the 20 Questions game, whereby the user thinks of an object and the machine aims to guess that object by asking simple yes/no style questions - ideally less than 20. the system starts off by knowing about only a single object - a small ant-eating mammal called a Pangolin.
Each time a user thinks of something the system isn't aware of, it learns from this. The internal implementation of this is just a simple set of nodes, which can either be a question, or an object. A question node has two pointers to a yes and a no node. It's probably easiest to illustrate with a walkthough. I created a little demo app which can be accessed here on The sample code to create can be found at the bottom of this post.

We start off with a single entry - and we are therefore asked "are you thinking of a Pangolin"?

Step 1

So assume we were actually thinking of a pencil, so we say no. The system then asks us what were we actually thinking of. Let's tell it so.

Step 2

Next we are asked to give a yes/no question that will distinguish between a pencil and a pangolin.

Step 3

And clearly the answer for that is No.

Step 4

Last modified on Continue reading
Tagged in: APEX Machine Learning
in Technical 588 7

I know there are already a good number of blogs/guides out there already describing various methods of automating the backup of APEX applications, however I thought I'd share the method I recently implemented internally as it uses a remote subversion repository. This gives rise to a number of subsequent benefits such as holding a full version history, low storage overheads and resilience to local hardware failure. Why might you want to do this? Well, aside from the obvious catastrophes, acts of God, malicious deletion, accidental corruption etc, it's sometimes simply useful to be able to take your application as of a particular point in time, regardless of your database flashback etc.
Anyway, here is the process we take will follow.

  1. Export all our APEX applications from the workspace.
  2. Add any new applications that we've not seen before to the svn repository.
  3. Commit any changes to svn

First we need to create a working directory of our repository on the APEX database server. Note that I already added all applications to this repository previously - this is not necessary however. I chose to check out a specific directory only rather than the root. You of course need to install the svn client software on your server if you haven't already for this step. It's free and easy - and not worth explaining here.

[oracle@localhost tmp]$ svn checkout https://mysvnrepo/folder/subfolder/etc svn
A    svn/f101.sql
A    svn/f10100.sql
A    svn/f110.sql
A    svn/f10200.sql
A    svn/f20100.sql
A    svn/f10210.sql
A    svn/f20200.sql
A    svn/f20300.sql
Checked out revision 1079.

To export we can use the APEXExport Java utility. This is called in the following way.

java -cp $CLASSPATH oracle.apex.APEXExport -db <database connection> -user <database user> -password <database password> -workspaceid <workspace id>

This will generate a set of .sql files in the format f<application_id>.sql in the current directory, which we can then copy into our working directory. The issue here is that an APEX export file contains a line representing the date and time at which the export was done. This will then be considered a change by svn. To avoid that, I strip out that line using the sed utility.

sed -i '/--   Date and Time:/d' f*.sql
Last modified on Continue reading
Tagged in: APEX
in Technical 924 0

Oracle APEX Exploitation - Part 3

This is the third in my series of short posts about methods thatc an be used to exploit your Oracle APEX applications. The first two posts concentrated on URL Injection which is relatively easy to protect against, however this third post is going to focus on something that is a bit more difficult to stop, and not quite as obvious an issue. I am going to call it Select List Injection.

Select List Injection

This exploit relies on the application having a select list that has been filtered somehow for the user. For example, a select list may show the list of employees that report to the current user - in reality the list of employees on the base table is a superset of these.

Mechanism of Attack

A simple example is a page which contains a select of employees reporting to the current user and displays a report based on the selected value. The select list only contains the employees visible to the user. We can set up a simple example as follows.
Select List LOV Code:

select ename, empno from emp
where mgr=7566
order by ename

Report Code:

select ename, empno, hiredate, sal from emp
where empno=:p5_emp_id


Last modified on Continue reading
Tagged in: APEX
in Technical 1036 3

Oracle APEX Exploitation - Part 2

Following on from my previous post in a series on common exploits in Oracle Application Express, in this post I am going to continue the theme of URL modification, however this time to allow us to execute procedures where we shouldn't be able to. This issue arises from the fact that we can use the construct BRANCH_TO_PAGE_ACCEPT in an Apex URL to call submit processing. This is explained further below.

URL Parameter Modification

Mechanism of Attack

Take a page which shows a report to all users, however users with a higher level of access are able to click a button which deletes the content of the table. Obviously a very silly example, but it's enough to show us the principles. The live demo of this can be found here as always.

Our page consists of a report with a simple query:

select ename from emp;

A delete button, DELETE which has an authorisation scheme defined against it to only display when the user is an administrator.

Apex Designer

Finally a procedure "Delete Rows" which empties the table. This is set to be conditional based upon the DELETE button being pressed.

  delete emp;

Now to protect my demo application I have modified this slightly to:

  delete emp;
  raise_application_error(-20000,'I would have deleted all your data really!');
Last modified on Continue reading
Tagged in: APEX
in Technical 483 0

Oracle APEX Exploitation - Part 1

I decided to write a short series of posts detailing some different mechanisms that a malicious user may use to "attack" an application written in Oracle Application Express (Apex) - note - "Attack" is used loosely here in that it is more of "making the application perform in a way it was not intended". These posts are not intended to be instructional, more they are intended to assist the developer in ensuring their applications are written to a standard which protects against such attacks. It should be noted from the outset that none of the techniques illustrated infer there is a security issue with Apex - Apex is secure for all intents and purposes - any security vulnerabilities are 99%+ of the time due to the developer not implementing appropriate defences. Some of them are quite obvious, however some may not be so. I won't be using any fancy tools - just a browser with developer plugins.
I'll try to explain a problem under a number of headings.

  • The mechanism of the attack
  • The implications
  • How to defend against it

It of course goes without saying that all liability is relinquished - anything you do to your own (or other's) applications is entirely at your own risk.

I am using a sandpit application on to demonstrate, which can be accessed here.
So with that said, the first thing I'd like to show is by far the most simple - URL Parameter Modification. I'll then work through more complex and intricate attacks in subsequent posts.

Last modified on Continue reading
Tagged in: APEX
in Techniques 652 0