mailing list archives
SAP information sniffing - need help
From: rivestp () metro ca
Date: 29 Apr 2008 18:09:08 -0000
This question is from a previous post i got that sent me to this interesting web page:
http://www.cybsec.com/upload/bh-eu-07-nunez-di-croce-WP_paper.pdf. Basicly if you look at page 6 of the document, it
shows a sniffing result and tells us about the username/password of SAP.
I have tried to reproduce this with Wireshark, filtering the traffic from my SAP server (using the ip as filter). I
cant find the username, client_id or anything related to authentification. I would then think we are using SNC, but in
fact we are not (i check the proprieties of the client).
Anyone who can give me links or a way to identify the username/client_id or password (that i will XOR) would greatly
help me get SNC activated here (and also get rid of telnet & ftp :))
Philippe Rivest, Certified Ethical Hacker
- SAP information sniffing - need help rivestp (Apr 29)