Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Module update sap router portscanner #2012

Merged
merged 5 commits into from Jul 3, 2013
Merged

Module update sap router portscanner #2012

merged 5 commits into from Jul 3, 2013

Conversation

morisson
Copy link
Contributor

Added option for generating ports from instance numbers;
Added information on SAP default ports;
Output is now cleaner, in a table format;

jvazquez-r7
jvazquez-r7 reviewed Jun 25, 2013
View reviewed changes
modules/auxiliary/scanner/sap/sap_router_portscanner.rb
@@ -15,55 +15,98 @@ class Metasploit3 < Msf::Auxiliary

def initialize
super(
'Name' => 'SAPRouter Port Scanner',
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like this addition is breaking current indentation. Do you mind to apply your changes over the current version landed on the metasploit-framework. And just land changes, please, don't redo indentation. Thanks!

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sorry. let me blame this on rubymine :)

@jvazquez-r7
Copy link
Contributor

Processing....

@jvazquez-r7
Copy link
Contributor

Like the changes, my only worry is which sometimes service info could be confusing:

msf auxiliary(sap_router_portscanner) > set PORTS 80,3306
PORTS => 80,3306
msf auxiliary(sap_router_portscanner) > run

[*] Scanning 192.168.172.192

Portscan Results
================

   Host             Port  State  Info
   ----             ----  -----  ----
   192.168.172.192  80    open   
   192.168.172.192  3306  open   SAP Gateway sapgw06

[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

This time 3306 isn't a " SAP Gateway sapgw0 " but a MySQL from a host behind the SAProuter, even when I guess saprouter is used indeed to put available SAP infrastructure, I'm going to display a warning message :)

(btw, it's working, finishing code review and landing, thanks @morisson !)

@jvazquez-r7
Copy link
Contributor

Instances / wildcards also working, landing:

msf auxiliary(sap_router_portscanner) > show options

Module options (auxiliary/scanner/sap/sap_router_portscanner):

   Name            Current Setting  Required  Description
   ----            ---------------  --------  -----------
   CONCURRENCY     10               yes       The number of concurrent ports to check per host
   INSTANCES       00-99            no        SAP instance numbers to scan (NN in PORTS definition)
   MODE            SAP_PROTO        yes       Connection Mode: SAP_PROTO or TCP  (accepted: SAP_PROTO, TCP)
   PORTS           80,33NN          yes       Ports to scan (e.g. 3200-3299,5NN13)
   RHOSTS          192.168.172.192  yes       The target address range or CIDR identifier
   SAPROUTER_HOST  192.168.172.179  yes       SAPRouter address
   SAPROUTER_PORT  3299             yes       SAPRouter TCP port
   THREADS         1                yes       The number of concurrent threads

msf auxiliary(sap_router_portscanner) > run

[*] Scanning 192.168.172.192

Portscan Results
================

   Host             Port  State  Info
   ----             ----  -----  ----
   192.168.172.192  3306  open   SAP Gateway sapgw06
   192.168.172.192  80    open   

[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

jvazquez-r7 pushed a commit that referenced this pull request Jul 3, 2013
Land #2012, @morisson improve for sap_router_portscanner
4a076e0
jvazquez-r7 pushed a commit that referenced this pull request Jul 3, 2013
Add final cleanup for #2012
61c85b1
@jvazquez-r7 jvazquez-r7 merged commit 2da278f into rapid7:master Jul 3, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@morisson @jvazquez-r7