Jump to content
Nytro

PowerSAP

By Nytro, in Programe hacking

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

PowerSAP

PowerSAP is a simple powershell re-implementation of popular & effective techniques of all public tools such as Bizploit, Metasploit auxiliary modules, or python scripts available on the Internet. This re-implementation does not contain any new or undisclosed vulnerability.

PowerSAP allows to reach SAP RFC with .Net connector 'NCo'.

Credit

All credit goes to:

  • Onapsis - Mariano, Jordan…
  • ERPScan (@_chipik)
  • ERPSEC - Joris van De Vis (@jvis)
  • Chris John Riley (@ChrisJohnRiley)
  • Agnivesh Sathasivam and Dave Hartley (@nmonkee)
  • Martin Gallo (@MartinGalloAr)

What is this repository for?

Examples

  • Test your .Net Connector 'NCo':

PS C:\PowerSAP\Standalone> .\Get-NCoVersion.ps1

NCo Version: 3.0.13.0 Patch Level: 525 SAP Release: 720

  • How to run testis:

Invoke PS scripts in the Standalone folder.

Contributions

Feel free to contribute and add features.

Screenshots

Simple bruteforce attack on SAP RFC

PowerSAP2

READ_TABLE RFC function module call through SOAP request

 

Sursa: https://github.com/airbus-seclab/powersap

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...