Exploitation Tools

PowerSAP – Powershell SAP Assessment Tool

PowerSAP is a simple powershell re-implementation of popular & effective techniques of all public tools such as Bizploit, Metasploit auxiliary modules, or python scripts available on the Internet. This re-implementation does not contain any new or undisclosed vulnerability.
PowerSAP allows to reach SAP RFC with .Net connector ‘NCo’.
What is this repository for?

Examples

  • Test your .Net Connector ‘NCo’:

PS C:\PowerSAP\Standalone> .\Get-NCoVersion.ps1
NCo Version: 3.0.13.0 Patch Level: 525 SAP Release: 720

  • How to run testis:

Invoke PS scripts in the Standalone folder.

Screenshots

Simple bruteforce attack on SAP RFC

READ_TABLE RFC function module call through SOAP request