ERPScan Automator - Because Manual is Meh

Another quick little tool for you guys today that I hacked together to save myself some time. This one automates running through a number of tests using the ERPScan SAP Pentesting Tool

At time of writing, configuration is all done inside the script, with no support for command line parameters (might add them in the future)

@echo off
@rem ----------------
@rem Config - Banner
@rem ----------------
set BATVER=0.1 (20130703)
set BANNERDASH=--------------------------------
set BANNERNAMEVER=Erpscan Automator v%BATVER%
set BANNERBY=Created By: Glenn 'devalias' Grant (http://devalias.net)
set BANNERUPDATES=Updates at: https://gist.github.com/alias1/6118709
set BANNER_LICENSE=License: The MIT License (MIT) - Copyright (c) 2013 Glenn 'devalias' Grant (see http://choosealicense.com/licenses/mit/ for full license text)

@rem ---------------- @rem Parms @rem ---------------- set OUTNAME=CHANGEMETOYOUROUTFILENAME set SITE=http://example.com:1234/changeme/to/your/url set USER=CHANGEMETOYOURTESTUSER set PASS=CHANGEMETOYOUR_TESTPASS set MODULES=1 2 3 4 5 9 10 11 15 16 17 18 19

@rem ---------------- @rem Config @rem ---------------- set ERPSCANPATH="X:\CHANGEME\H4x0rTools\Erpscan" set ERPSCANFILENAME=black.pl set SITEOPT=-s set USEROPT=-u set PASSOPT=-p set MODULEOPT=-m set BATFILENAME=%~nx0 set BATPATH=%~dp0 set OUTEXT=.txt set OUTFILE="%BATPATH%/%OUTNAME%%OUT_EXT%"

@rem ---------------- @rem Main Program @rem ---------------- title %BANNER_NAMEVER%

echo %BANNERDASH% echo %BANNERNAMEVER% echo %BANNERBY% echo %BANNERUPDATES% echo %BANNERLICENSE% echo %BANNERDASH%

echo %BANNERDASH% >> %OUTFILE% echo Generated with %BANNERNAMEVER% >> %OUTFILE% echo %BANNERBY% >> %OUTFILE %echo %BANNERUPDATES% >> %OUTFILE echo %BANNERLICENSE% >> %OUTFILE% echo %BANNERDASH% >> %OUTFILE%

echo. echo Site: %SITE% echo User: %USER% echo Pass: hidden echo Modules: %MODULES%

echo. >> %OUTFILE% echo Site: %SITE% >> %OUTFILE% echo User: %USER% >> %OUTFILE% echo Pass: hidden >> %OUTFILE% echo Modules: %MODULES% >> %OUT_FILE%

cd /D %ERPSCAN_PATH%

SETLOCAL ENABLEDELAYEDEXPANSION for %%x in (%MODULES%) do ( set MODULE=%%x

echo. echo -------------------------------- echo Running module !MODULE!.. echo --------------------------------

echo. >> %OUTFILE% echo -------------------------------- >> %OUTFILE% echo Running module !MODULE!.. >> %OUTFILE% echo -------------------------------- >> %OUTFILE%

perl %ERPSCANFILENAME% %SITEOPT% %SITE% %USEROPT% %USER% %PASSOPT% %PASS% %MODULEOPT% !MODULE! >> %OUTFILE% )

echo. echo Done

pause