Jump to content
Nytro

PowerSAP

Recommended Posts

PowerSAP

PowerSAP is a simple powershell re-implementation of popular & effective techniques of all public tools such as Bizploit, Metasploit auxiliary modules, or python scripts available on the Internet. This re-implementation does not contain any new or undisclosed vulnerability.

PowerSAP allows to reach SAP RFC with .Net connector 'NCo'.

Credit

All credit goes to:

  • Onapsis - Mariano, Jordan…
  • ERPScan (@_chipik)
  • ERPSEC - Joris van De Vis (@jvis)
  • Chris John Riley (@ChrisJohnRiley)
  • Agnivesh Sathasivam and Dave Hartley (@nmonkee)
  • Martin Gallo (@MartinGalloAr)

What is this repository for?

Examples

  • Test your .Net Connector 'NCo':

PS C:\PowerSAP\Standalone> .\Get-NCoVersion.ps1

NCo Version: 3.0.13.0 Patch Level: 525 SAP Release: 720

  • How to run testis:

Invoke PS scripts in the Standalone folder.

Contributions

Feel free to contribute and add features.

Screenshots

Simple bruteforce attack on SAP RFC

PowerSAP2

READ_TABLE RFC function module call through SOAP request

 

Sursa: https://github.com/airbus-seclab/powersap

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...