If you don't know neither the enemy
nor yourself, you will sucumb in every battle.
If you know yourself but not the enemy, for every victory gained you will also suffer a defeat.
But if you know the enemy and know yourself you need not fear the result of a hundred battles.
The art of war (Sun Tzu)
I gave a presentation at the Hacktivity 2009 which details the following problems regarding the Windows authentication in Oracle databases:
Flash demo how to hijack an Oracle connection
Flash demo how to downgrade 11g authentication when JDBC thin driver is used
Flash demo how to use the module for squirtle
The module for squirtle, a pyhton script for ImmunityDebugger