Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sap Authentication bypass fixed in SAP Note 2258786 #75

Merged
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 31 additions & 0 deletions other/SAP/SAP authentication bypass check.bcheck
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
metadata:
language: v1-beta
name: "SAP authentication bypass check"
description: "Tests for Sap authentication bypass SAP Note 2258786 Checking if the public
endpoint of sap/admin/public is accessible which would leak the patch management and internal urls"
author: "Bob van der Staak"
tags: "SAP", "Authentication Bypass"

run for each:
potential_path =
"/sap/admin/public/index.html"


given host then
send request called check:
method: "GET"
path: {potential_path}

if "Administration" in {check.response.body} and {check.response.status_code} is "200" then
report issue:
severity: medium
confidence: certain
detail: `Sap information leaking found at the following path {potential_path}.`
remediation: "Follow the actions which are required in SAP Note 2258786"
end if