Penetration Testing mailing list archives
Re: SAP Pen-Test
From: Nicolas Gregoire <ngregoire () exaprobe com>
Date: Tue, 02 Nov 2004 11:39:34 +0100
On Fri 29/10/2004 at 10:42, Sven Tambler wrote:
> I want to test a SAP Enterprise Portal. Do you know a tool for pen-testing a SAP portal?

AFAIK, there's no tool dedicated to testing the security of SAP components. But if "SAP Enterprise Portal" is the same thing as the "SAP Internet Transaction Server", the presentation of FX at the last CCC conference will give you some hints (and exploits!) for several buffer overflows and format string bugs.

http://www.phenoelit.de/whatSAP/

You could also try the default passwords of SAP (try Google) or gain access to the SAP-RFC ports and brute-force ID without account locking, or fetch some information (version, patchlevel, ... of SAP R/3, the OS and the DB) with a hacked 'sapinfo.c'.

Once you have a SAP account, you could use transaction SM69 to execute commands on the server.

Regards,
--
Nicolas Gregoire ----- Information Systems Security Consultant
ngregoire () exaprobe com ------[ ExaProbe ]------ http://www.exaprobe.com/
PGP KeyID:CA61B44F FingerPrint:1CC647FF1A55664BA2D2AFDACA6A21DACA61B44F