Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Pentest SAP

From: pacholi69 () ozu es
Date: Thu, 14 Sep 2006 09:44:44 +0200 (CEST)
Hi there list,

I'm planning a pentest with a SAP system as target and I wonder:

- There is any automated tool available in order to sniff SAP client
packets and to filter the password hash? (a tool similar to Cain will be
perfect)

- If there is no tool, someone know what kind of hash is beeing send from
the client to the server? (maybe MD5 or SHA1 with some kind of salt)

Whatever info will be welcome

Thanks in advance



--------------------------------------------------------------------------------------------
Nueva Barra de Herramientas de OZÚ. Navega Más facilmente por Internet.
¡Descargatela gratis! http://barra.ozu.es/
--------------------------------------------------------------------------------------------
Correo enviado desde http://www.ozu.es

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: