Menu

Subscribe

ERPScan Automator - Because Manual is Meh

Author image Glenn 'devalias' Grant | | 2 minutes to read | #wrpscan, #sap, #automation, #script, #gist, #hack, #pentest |

Another quick little tool for you guys today that I hacked together to save myself some time. This one automates running through a number of tests using the ERPScan SAP Pentesting Tool

At time of writing, configuration is all done inside the script, with no support for command line parameters (might add them in the future)

https://gist.github.com/0xdevalias/6118709

@echo off

@rem ----------------

@rem Config - Banner

@rem ----------------

set BAT_VER=0.1 (20130703)

set BANNER_DASH=--------------------------------

set BANNER_NAMEVER=Erpscan Automator v%BAT_VER%

set BANNER_BY=Created By: Glenn 'devalias' Grant (http://devalias.net)

set BANNER_UPDATES=Updates at: https://gist.github.com/alias1/6118709

set BANNER_LICENSE=License: The MIT License (MIT) - Copyright (c) 2013 Glenn 'devalias' Grant (see http://choosealicense.com/licenses/mit/ for full license text)


@rem ----------------

@rem Parms

@rem ----------------

set OUT_NAME=CHANGEME_TO_YOUR_OUTFILE_NAME

set SITE=http://example.com:1234/changeme/to/your/url

set USER=CHANGEME_TOYOUR_TESTUSER

set PASS=CHANGEME_TOYOUR_TESTPASS

set MODULES=1 2 3 4 5 9 10 11 15 16 17 18 19


@rem ----------------

@rem Config

@rem ----------------

set ERPSCAN_PATH="X:\CHANGEME\H4x0rTools\Erpscan"

set ERPSCAN_FILENAME=black.pl

set SITE_OPT=-s

set USER_OPT=-u

set PASS_OPT=-p

set MODULE_OPT=-m

set BAT_FILENAME=%~nx0

set BAT_PATH=%~dp0

set OUT_EXT=.txt

set OUT_FILE="%BAT_PATH%/%OUT_NAME%%OUT_EXT%"


@rem ----------------

@rem Main Program

@rem ----------------

title %BANNER_NAMEVER%


echo %BANNER_DASH%

echo %BANNER_NAMEVER%

echo %BANNER_BY%

echo %BANNER_UPDATES%

echo %BANNER_LICENSE%

echo %BANNER_DASH%


echo %BANNER_DASH% >> %OUT_FILE%

echo Generated with %BANNER_NAMEVER% >> %OUT_FILE%

echo %BANNER_BY% >> %OUT_FILE

%echo %BANNER_UPDATES% >> %OUT_FILE

echo %BANNER_LICENSE% >> %OUT_FILE%

echo %BANNER_DASH% >> %OUT_FILE%


echo.

echo Site:    %SITE%

echo User:    %USER%

echo Pass:    hidden

echo Modules: %MODULES%


echo. >> %OUT_FILE%

echo Site:   %SITE% >> %OUT_FILE%

echo User:   %USER% >> %OUT_FILE%

echo Pass:   hidden >> %OUT_FILE%

echo Modules: %MODULES% >> %OUT_FILE%


cd /D %ERPSCAN_PATH%


SETLOCAL ENABLEDELAYEDEXPANSION

for %%x in (%MODULES%) do (

set MODULE=%%x


echo.

echo --------------------------------

echo Running module !MODULE!..

echo --------------------------------


echo. >> %OUT_FILE%

echo -------------------------------- >> %OUT_FILE%

echo Running module !MODULE!.. >> %OUT_FILE%

echo -------------------------------- >> %OUT_FILE%


perl %ERPSCAN_FILENAME% %SITE_OPT% %SITE% %USER_OPT% %USER% %PASS_OPT% %PASS% %MODULE_OPT% !MODULE! >> %OUT_FILE%

)


echo.

echo Done


pause