what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Andras Kabai

SAP ConfigServlet Remote Code Execution

Posted Apr 29, 2013

Authored by Dmitry Chastuhin, Andras Kabai | Site metasploit.com

This Metasploit module allows remote code execution via operating system commands through the SAP ConfigServlet without any authentication. This Metasploit module has been tested successfully with SAP NetWeaver 7.00 and 7.01 on Windows Server 2008 R2.

tags | exploit, remote, code execution

systems | windows

advisories | OSVDB-92704

SHA-256 | 62e0a4607ddec7e5f1da4c772ef23ba8583944002abf5e96e995e6da403c5361

Download | Favorite | View

SAP ConfigServlet OS Command Execution

Posted Apr 19, 2013

Authored by Dmitry Chastuhin, Andras Kabai | Site metasploit.com

This Metasploit module allows execution of operating system commands through the SAP ConfigServlet without any authentication.

tags | exploit

SHA-256 | bd22164e93c481f2adee97758ca447db0d47658f7a4544609432a32799d8b8d3

Download | Favorite | View