2.1. The TNS Protocol

When developing raw tools to troubleshoot problems in Oracle, it is necessary to understand the TNS protocol. This section details information about the TNS protocol. The Oracle JDBC client (classes12.zip) is a useful resource when seeking to understand the TNS protocol.

2.1.1. The TNS Header

Every TNS packet has an eight-byte header. The first two bytes (WORD) of the header are used for the packet length — inclusive of the header size. The size, like all values, is big-endian. The next WORD is for the packet checksum if checksumming is done — by default it is not, and the value for this WORD is 0x0000. The next byte is used to indicate the packet type —for example, the most common are as follows:

Connect packet      Type 1
Accept packet       Type 2
Ack packet             Type 3
Refuse packet       Type 4
Redirect packet       Type 5
Data packet       Type 6
NULL packet            Type 7
Abort packet      Type 9
Resend packet      Type 11
Marker packet      Type 12
Attention packet      Type 13
Control packet      Type 14

When connecting to Oracle, at the TNS level the client sends the server a Connect packet (type 1) specifying the service name they wish to access. Provided the Listener knows of such a service, one of two things can happen: The Listener could send an Accept packet (type 2) or it could redirect the client to another port with a Redirect packet (type 5). If the former option occurs, then the client attempts to authenticate. This is covered in detail in Chapter 4, "Attacking the Authentication Process." If the latter ...

Get The Oracle® Hacker's Handbook: Hacking and Defending Oracle now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.