PowerSAP
PowerSAP is a simple powershell re-implementation of popular & effective techniques of all public tools such as Bizploit, Metasploit auxiliary modules, or python scripts available on the Internet. This re-implementation does not contain any new or undisclosed vulnerability.
PowerSAP allows to reach SAP RFC with .Net connector 'NCo'.
Credit
All credit goes to:
- Onapsis - Mariano, Jordanโฆ
- ERPScan (@_chipik)
- ERPSEC - Joris van De Vis (@jvis)
- Chris John Riley (@ChrisJohnRiley)
- Agnivesh Sathasivam and Dave Hartley (@nmonkee)
- Martin Gallo (@MartinGalloAr)
- Yvan GENUER (@_1ggy)
What is this repository for?
-
Quick summary: Powershell SAP assessment tool
-
Version: 1.1
-
Dependencies: .Net connector "NCo" https://websmp201.sap-ag.de/public/connectors
-
Configuration: Copy sapnco.dll & sapnco_utils.dll in NCo_x86/NCo_x64 folders.
Examples
- Test your .Net Connector 'NCo':
PS C:\PowerSAP\Standalone> .\Get-NCoVersion.ps1
NCo Version: 3.0.13.0 Patch Level: 525 SAP Release: 720
- How to run testis:
Invoke PS scripts in the Standalone folder.
Contributions
Feel free to contribute and add features.
Screenshots
Simple bruteforce attack on SAP RFC
READ_TABLE RFC function module call through SOAP request