SAP ConfigServlet OS command execution module #1751
Corrected pull request (branch change) for the previously submitted module:
This module allows execution of operating system commands throug the
The vulnerability was discovered by ERPScan's team, it was presented on Hacker Halted 2012 conference:
Since there isn't OSVDB number still and I wouldn't like to see it hold up for more time, merged it. Will be updating by myself once there is OSVDB available :)
Thanks @andrewkabai for your contribution, hope you're still thinking in working in the exploit module :) would be awesome, let me know if you need feedback or help while development !