Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Metasploit SAP Management Console AUX Modules: The RELEASE

5 Comments Posted by on March 2, 2011

So, the nice people at Metasploit (thanks HDM, Bannedit) have committed a bunch of my SAP auxiliary modules to the Metasploit SVN tree [r11858].

Alongside the modules I already released, I also finished up testing on the SAP_service_discovery module and wrote a new module sap_mgmt_con_brute for brute-forcing username|password through the SAP Management Consoles Basic Auth authentication*.

As these are MyFirst© Metasploit modules I’d appreciate any feedback you might have. I’ve still got a few modules to write-up once I get time, but I think these should be enough for you guys to be going on with.

Have fun, but not too much fun 😉

Links

Special thanks to Bannedit (and all the others in #Metasploit) for putting up with silly Ruby/Metasploit questions!

* This is a brute-force module… you may lock out accounts. Obvious really, but apparently that needs to be said!

Metasploit, Penetration Test, Security , , , , ,

5 responses to “Metasploit SAP Management Console AUX Modules: The RELEASE

  1. Gama March 11, 2011 at 17:07

    Thanks!

    I’m going to give it a test this weekend 😉

  2. ChrisJohnRiley March 11, 2011 at 18:12

    There are a few patches to the version in Metasploit 3.6.0. So if you’re testing make sure to run an svn up to get the latest changes!

    Please let me know if you have any issues. Always looking to improve things 😉

  3. Gama March 11, 2011 at 20:08

    Yep, im using the SVN version. I’m waiting for my Sap VM to test it. Im learing about Sap and Security assessment on Sap.

    One quick question, if you can help, why can it be a security issue reading the Start Profile?

  4. ChrisJohnRiley March 11, 2011 at 20:20

    It depends on the contents really. Exposure of paths, SID etc… It’s all useful for information gathering.

    Information is king after all!

  5. Gama March 13, 2011 at 21:52

    Just tested it, with a Server 2003 , and it got all the info it stated 😉
    its a good starting point for an assessment, thanks!

%d bloggers like this: