Pentest SAP

From: pacholi69@ozu.es
Date: Thu Sep 14 2006 - 03:44:44 EDT

• Next message: Nicolas RUFF: "Re: Fwd: Re: tools to scan source code"
• Previous message: Zed Qyves: "Re: custom xp_cmdshell on SQL Server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi there list,

I'm planning a pentest with a SAP system as target and I wonder:

- There is any automated tool available in order to sniff SAP client
packets and to filter the password hash? (a tool similar to Cain will be
perfect)

- If there is no tool, someone know what kind of hash is beeing send from
the client to the server? (maybe MD5 or SHA1 with some kind of salt)

Whatever info will be welcome

Thanks in advance

--------------------------------------------------------------------------------------------
Nueva Barra de Herramientas de OZÚ. Navega Más facilmente por Internet.
¡Descargatela gratis! http://barra.ozu.es/
--------------------------------------------------------------------------------------------
Correo enviado desde http://www.ozu.es

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------

• Next message: Nicolas RUFF: "Re: Fwd: Re: tools to scan source code"
• Previous message: Zed Qyves: "Re: custom xp_cmdshell on SQL Server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:56 EDT