Re: SAP Pen-Test
From: Nicolas Gregoire (ngregoire_at_exaprobe.com)
Date: 11/02/04
- Previous message: Tim: "Re: TS/3389 risk on Internet"
- In reply to: Sven Tambler: "SAP Pen-Test"
- Next in thread: Martin Eiszner: "Re: SAP Pen-Test"
- Reply: Martin Eiszner: "Re: SAP Pen-Test"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: pen-test@securityfocus.com Date: Tue, 02 Nov 2004 11:39:34 +0100
Le ven 29/10/2004 à 10:42, Sven Tambler a écrit :
> I want to test a SAP Enterprise Portal. Do you know a tool for
> pen-testing a SAP portal?
AFAIK, there's no tool dedicated to testing the security of SAP
components. But if "SAP Enterprise Portal" is the same thing that the
"SAP Internet Transaction Server", the presentation of FX at the last
CCC conference will give you some hints (and exploits !) for several
buffer-overflows and format strings bugs.
http://www.phenoelit.de/whatSAP/
You could too try the default passwords of SAP (try Google) or gain
access to the SAP-RFC ports and brute-force ID without account locking,
or fetch some information (version, patchlevel, ... of SAP R/3, the OS
and the DB) with a hacked 'sapinfo.c'. Once you've a SAP account, you
could use transaction SM69 to execute commands on the server.
Regards,
-- Nicolas Gregoire ----- Consultant en Sécurité des Systèmes d'Information ngregoire@exaprobe.com ------[ ExaProbe ]------ http://www.exaprobe.com/ PGP KeyID:CA61B44F FingerPrint:1CC647FF1A55664BA2D2AFDACA6A21DACA61B44F
- Previous message: Tim: "Re: TS/3389 risk on Internet"
- In reply to: Sven Tambler: "SAP Pen-Test"
- Next in thread: Martin Eiszner: "Re: SAP Pen-Test"
- Reply: Martin Eiszner: "Re: SAP Pen-Test"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
