예제 #1
0
def main():
    options = parse_options()

    if options.verbose:
        logging.basicConfig(level=logging.DEBUG)

    # Create the connection to the SAP Netweaver server
    print("[*] Connecting to %s:%d" %
          (options.remote_host, options.remote_port))
    connection = SAPDiagConnection(options.remote_host,
                                   options.remote_port,
                                   init=False,
                                   terminal=options.terminal,
                                   route=options.route_string)

    # Send the initialization packet and store the response (login screen)
    login_screen = connection.init()
    # Filter the response and show the interesting info
    print("[*] Login Screen information:")
    for item in login_screen[SAPDiag].get_item(
        ["APPL", "APPL4"], ["ST_R3INFO", "ST_USER", "VARINFO"]):
        show(item)

    # Close the connection
    connection.close()
예제 #2
0
def login(host, port, terminal, route, username, password, client, verbose,
          results):
    """
    Perform a login try with the username and password.

    """
    success = False
    status = ''

    # Create the connection to the SAP Netweaver server
    connection = SAPDiagConnection(host,
                                   port,
                                   terminal=terminal,
                                   compress=False,
                                   init=True,
                                   route=route)

    # Send the login using the given username, password and client
    response = connection.interact(make_login(username, password, client))

    # If the response contain a MESSAGE item, it could be a error message of the user requesting a password change
    if response[SAPDiag].get_item("APPL", "ST_R3INFO", "MESSAGE"):
        status = response[SAPDiag].get_item("APPL", "ST_R3INFO",
                                            "MESSAGE")[0].item_value
        # Check if the password is expired
        if status == "Enter a new password":
            success = True
            status = "Expired password"
        elif status == "E: Log on with a dialog user":
            success = True
            status = "No Dialog user (log on with RFC)"
    # Check if the user is already logged in
    elif is_duplicate_login(response)[0]:
        status = is_duplicate_login(response)[1]
        success = True
    # If the ST_USER USERNAME item is set to the username, the login was successful
    elif response[SAPDiag].get_item("APPL", "ST_USER", "USERNAME"):
        st_username = response[SAPDiag].get_item("APPL", "ST_USER",
                                                 "USERNAME")[0].item_value
        if st_username == username:
            success = True
    # If the response doesn't contain a message item but the Internal Mode Number is set to 1, we have found a
    # successful login
    elif response[SAPDiag].get_item("APPL", "ST_R3INFO", "IMODENUMBER"):
        imodenumber = response[SAPDiag].get_item("APPL", "ST_R3INFO",
                                                 "IMODENUMBER")[0].item_value
        if imodenumber == "\x00\x01":
            success = True
    # Otherwise, we are dealing with an unknown response
    else:
        status = "Unknown error"

    # Close the connection
    connection.close()

    if verbose:
        print(
            "[*] Results: \tClient: %s\tUsername: %s\tPassword: %s\tValid: %s\tStatus: %s"
            % (client, username, password, success, status))
    results.append((success, status, username, password, client))
예제 #3
0
def main():
    options = parse_options()

    if options.verbose:
        logging.basicConfig(level=logging.DEBUG)

    # Create the connection to the SAP Netweaver server
    print("[*] Connecting to %s:%d" % (options.remote_host, options.remote_port))
    connection = SAPDiagConnection(options.remote_host, options.remote_port,
                                   init=False, terminal=options.terminal,
                                   route=options.route_string)

    # Send the initialization packet and store the response (login screen)
    login_screen = connection.init()

    print "[+] Dumping technical information"
    for item in login_screen[SAPDiag].get_item(["APPL"],
                                               ["ST_R3INFO", "ST_USER", "VARINFO"]):
        show_serv_info(item)
    print
    print "[+] Login Screen text"
    for item in login_screen[SAPDiag].get_item(["APPL", "APPL4"],
                                               ["DYNT"]):
        show_text_info(item)
    print "-"*key_len + "-"*val_len

    connection.close()
예제 #4
0
def main():
    options = parse_options()

    if options.verbose:
        logging.basicConfig(level=logging.DEBUG)

    # Create the connection to the SAP Netweaver server
    print("[*] Connecting to %s:%d" % (options.remote_host, options.remote_port))
    connection = SAPDiagConnection(options.remote_host, options.remote_port,
                                   init=False, terminal=options.terminal,
                                   route=options.route_string)

    # Send the initialization packet and store the response (login screen)
    login_screen = connection.init()

    print("[+] Dumping technical information")
    for item in login_screen[SAPDiag].get_item(["APPL"],
                                               ["ST_R3INFO", "ST_USER", "VARINFO"]):
        show_serv_info(item)
    print("\n[+] Login Screen text")
    for item in login_screen[SAPDiag].get_item(["APPL", "APPL4"],
                                               ["DYNT"]):
        show_text_info(item)
    print("-" * key_len + "-" * val_len)

    connection.close()
예제 #5
0
def main():
    options = parse_options()

    if not has_wx:
        print(
            "[-] Required library not found. Please install it from https://wxpython.org/"
        )
        return

    if options.verbose:
        logging.basicConfig(level=logging.DEBUG)

    # Create the connection to the SAP Netweaver server
    print("[*] Connecting to %s port %d" %
          (options.remote_host, "port", options.remote_port))
    connection = SAPDiagConnection(options.remote_host,
                                   options.remote_port,
                                   terminal=options.terminal,
                                   route=options.route_string)

    # Send the initialization packet and store the response (login screen)
    login_screen = connection.init()

    print("[*] Login screen grabbed, rendering it")
    render_diag_screen(login_screen[SAPDiag], options.verbose)

    # Close the connection
    connection.close()
예제 #6
0
def main():
    options = parse_options()

    if not has_wx:
        print ("[-] Required library not found. Please install it from http://wxpython.org/")
        return

    if options.verbose:
        logging.basicConfig(level=logging.DEBUG)

    # Create the connection to the SAP Netweaver server
    print "[*] Connecting to", options.remote_host, "port", options.remote_port
    connection = SAPDiagConnection(options.remote_host,
                                   options.remote_port,
                                   terminal=options.terminal,
                                   route=options.route_string)

    # Send the initialization packet and store the response (login screen)
    login_screen = connection.init()

    print "[*] Login screen grabbed, rendering it"
    render_diag_screen(login_screen[SAPDiag], options.verbose)

    # Close the connection
    connection.close()
예제 #7
0
def login(host, port, terminal, route, username, password, client, verbose, results):
    """
    Perform a login try with the username and password.

    """
    success = False
    status = ''

    # Create the connection to the SAP Netweaver server
    connection = SAPDiagConnection(host, port, terminal=terminal,
                                   compress=False, init=True, route=route)

    # Send the login using the given username, password and client
    response = connection.interact(make_login(username, password, client))

    # If the response contain a MESSAGE item, it could be a error message of the user requesting a password change
    if response[SAPDiag].get_item("APPL", "ST_R3INFO", "MESSAGE"):
        status = response[SAPDiag].get_item("APPL", "ST_R3INFO", "MESSAGE")[0].item_value
        # Check if the password is expired
        if status == "Enter a new password":
            success = True
            status = "Expired password"
        elif status == "E: Log on with a dialog user":
            success = True
            status = "No Dialog user (log on with RFC)"
        elif status[:10] == "E: Client ":
            success = False
            status = "Client does not exist"
    # Check if the user is already logged in
    elif is_duplicate_login(response)[0]:
        status = is_duplicate_login(response)[1]
        success = True
    # If the ST_USER USERNAME item is set to the username, the login was successful
    elif response[SAPDiag].get_item("APPL", "ST_USER", "USERNAME"):
        st_username = response[SAPDiag].get_item("APPL", "ST_USER", "USERNAME")[0].item_value
        if st_username == username:
            success = True
    # If the response doesn't contain a message item but the Internal Mode Number is set to 1, we have found a
    # successful login
    elif response[SAPDiag].get_item("APPL", "ST_R3INFO", "IMODENUMBER"):
        imodenumber = response[SAPDiag].get_item("APPL", "ST_R3INFO", "IMODENUMBER")[0].item_value
        if imodenumber == "\x00\x01":
            success = True
    # Otherwise, we are dealing with an unknown response
    else:
        status = "Unknown error"


    # Close the connection
    connection.close()

    if verbose:
        print("[*] Results: \tClient: %s\tUsername: %s\tPassword: %s\tValid: %s\tStatus: %s" % (client, username,
                                                                                                password, success,
                                                                                                status))
    results.append((success, status, username, password, client))
예제 #8
0
def send_crash(host, port, item, number, verbose, terminal=None, route=None):
    for i in range(number):
        # Create the connection to the SAP Netweaver server
        try:
            if verbose:
                print("[*] Sending crash #%d" % (i + 1))
            connection = SAPDiagConnection(host, port, init=True, terminal=terminal, route=route)
            connection.send_message([item])
        except SocketError:
            if verbose:
                print("[*] Connection error")
예제 #9
0
def send_crash(host, port, item, number, verbose):
    for i in range(number):
        # Create the connection to the SAP Netweaver server
        try:
            if verbose:
                print "[*] Sending crash #", i + 1
            connection = SAPDiagConnection(host, port, init=True)
            connection.send_message([item])
        except SocketError:
            if verbose:
                print "[*] Connection error"
예제 #10
0
def main():
    options = parse_options()

    if options.verbose:
        logging.basicConfig(level=logging.DEBUG)

    # Create the connection to the SAP Netweaver server
    print "[*] Connecting to", options.remote_host, "port", options.remote_port
    connection = SAPDiagConnection(options.remote_host, options.remote_port)

    # Send the initialization packet and store the response (login screen)
    login_screen = connection.init()

    print "[*] Login screen grabbed, rendering it"
    render_diag_screen(login_screen[SAPDiag], options.verbose)

    # Close the connection
    connection.close()
예제 #11
0
def login(host, port, terminal, username, password, client, verbose, results):
    """
    Perform a login try with the username and password.

    """
    success = False
    status = ''

    # Create the connection to the SAP Netweaver server
    connection = SAPDiagConnection(host, port, terminal=terminal, compress=False, init=True)

    # Send the login using the given username, password and client
    response = connection.interact(make_login(username, password, client))

    # If the response contain a MESSAGE item, it could be a error message of the user requesting a password change
    if response[SAPDiag].get_item(0x10, 0x06, 0x0b):
        status = response[SAPDiag].get_item(0x10, 0x06, 0x0b)[0].item_value
        # Check if the password is expired
        if status == "Enter a new password":
            success = True
            status = "Expired password"
        elif status == "E: Log on with a dialog user":
            success = True
            status = "No Dialog user (log on with RFC)"
    # If the ST_USER USERNAME item is set to the username, the login was successful
    elif response[SAPDiag].get_item(0x10, 0x04, 0x0c):
        st_username = response[SAPDiag].get_item(0x10, 0x04, 0x0c)[0].item_value
        if st_username == username:
            success = True
    # If the response doesn't contain a message item and the the Internal Mode Number is set to 1, we have found a successful login
    elif response[SAPDiag].get_item(0x10, 0x06, 0x0a):
        imodenumber = response[SAPDiag].get_item(0x10, 0x06, 0x0a)[0].item_value
        if imodenumber == "\x00\x01":
            success = True
    # Otherwise, we are dealing with an unknown response
    else:
        status = "Unknown error"

    # Close the connection
    connection.close()

    if verbose:
        print "[*] Results: \tClient: %s\tUsername: %s\tPassword: %s\tValid: %s\tStatus: %s" % (client, username, password, success, status)
    results.append((success, status, username, password, client))
예제 #12
0
def main():
    options = parse_options()

    if options.verbose:
        logging.basicConfig(level=logging.DEBUG)

    # Create the connection to the SAP Netweaver server
    print "[*] Connecting to", options.remote_host, "port", options.remote_port
    connection = SAPDiagConnection(options.remote_host,
                                   options.remote_port,
                                   terminal=options.terminal,
                                   route=options.route_string)

    # Send the initialization packet and store the response (login screen)
    login_screen = connection.init()

    print "[*] Login screen grabbed, rendering it"
    render_diag_screen(login_screen[SAPDiag], options.verbose)

    # Close the connection
    connection.close()
예제 #13
0
def main():
    options = parse_options()

    if options.verbose:
        logging.basicConfig(level=logging.DEBUG)

    # Create the connection to the SAP Netweaver server
    print("[*] Connecting to %s:%d" % (options.remote_host, options.remote_port))
    connection = SAPDiagConnection(options.remote_host, options.remote_port,
                                   init=False, terminal=options.terminal,
                                   route=options.route_string)

    # Send the initialization packet and store the response (login screen)
    login_screen = connection.init()
    # Filter the response and show the interesting info
    print("[*] Login Screen information:")
    for item in login_screen[SAPDiag].get_item(["APPL", "APPL4"],
                                               ["ST_R3INFO", "ST_USER", "VARINFO"]):
        show(item)

    # Close the connection
    connection.close()
예제 #14
0
def main():
    options = parse_options()

    if options.verbose:
        logging.basicConfig(level=logging.DEBUG)

    # Create the connection to the SAP Netweaver server
    print "[*] Connecting to", options.remote_host, "port", options.remote_port
    connection = SAPDiagConnection(options.remote_host, options.remote_port, init=False)

    # Send the initialization packet and store the response (login screen)
    login_screen = connection.init()

    # Close the connection
    connection.close()

    # Filter the response and show the interesting info
    print "[*] Login Screen information:"
    for item in login_screen[SAPDiag].get_item(0x10, 0x06):  # ST_R3INFO items
        show(item)
    for item in login_screen[SAPDiag].get_item(0x10, 0x04):  # ST_USER items
        show(item)
    for item in login_screen[SAPDiag].get_item(0x10, 0x0c):  # VARINFO items
        show(item)