RE: SAP Pen-Test
From: Todd Towles (toddtowles_at_brookshires.com)
Date: 11/02/04
- Previous message: zeev r: "Vigilante security Scanner"
- Maybe in reply to: Sven Tambler: "SAP Pen-Test"
- Next in thread: Nicolas Gregoire: "RE: SAP Pen-Test"
- Reply: Nicolas Gregoire: "RE: SAP Pen-Test"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 2 Nov 2004 11:05:33 -0600 To: <tambler.20.tam@spamgourmet.com>
Hydra (parallized login hacker) from THC uses some SAP R/3 stuff. Anyone ever use test it?
Currently this tool supports:
TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, LDAP, SMB, SMBNT, MS-SQL, MYSQL, REXEC,
CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3,
Cisco auth, Cisco enable, Cisco AAA (incorporated in telnet module).
http://www.thc.org/releases.php
> -----Original Message-----
> From: Sven Tambler [mailto:tambler.20.tam@spamgourmet.com]
> Sent: Friday, October 29, 2004 3:42 AM
> To: pen-test@securityfocus.com
> Subject: SAP Pen-Test
>
> Hello everyone,
>
> I want to test a SAP Enterprise Portal. Do you know a tool
> for pen-testing a SAP portal? Of course, there are a lot of
> tools and techniques for apache or IIS and you can use them
> in a similar way.
> Otherwise there are a lot of SAP originalities and
> specialities you have to keep in mind. I donīt search for a
> tool like "nessus for SAP" - such a thing doesnīt exist - but
> some advices or plug-ins could be very useful. Could you by
> any chance be able to help?
>
> Thanks - Sven
>
>
- Previous message: zeev r: "Vigilante security Scanner"
- Maybe in reply to: Sven Tambler: "SAP Pen-Test"
- Next in thread: Nicolas Gregoire: "RE: SAP Pen-Test"
- Reply: Nicolas Gregoire: "RE: SAP Pen-Test"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
