PowerSAP

PowerSAP is a simple powershell re-implementation of popular & effective techniques of all public tools such as Bizploit, Metasploit auxiliary modules, or python scripts available on the Internet. This re-implementation does not contain any new or undisclosed vulnerability.

PowerSAP allows to reach SAP RFC with .Net connector ‘NCo’.

What is this repository for?

• Dependencies: .Net connector “NCo” https://websmp201.sap-ag.de/public/connectors
• Configuration: Copy sapnco.dll & sapnco_utils.dll in NCo_x86/NCo_x64 folders.

Download

git clone https://github.com/airbus-seclab/powersap.git

Examples

• Test your .Net Connector ‘NCo’:

  PS C:\PowerSAP\Standalone> .\Get-NCoVersion.ps1

  NCo Version: 3.0.13.0 Patch Level: 525 SAP Release: 720

• How to run testis:
  Invoke PS scripts in the Standalone folder.

A simple bruteforce attack on SAP RFC

READ_TABLE RFC function module call through SOAP request

Copyright (c) 2015, Kevin Robertson All rights reserved.

Source: https://github.com/airbus-seclab