RFCpwn is an SAP enumeration and exploitation toolkit using SAP RFC calls. This is a toolkit for demonstrating the impact of compromised service accounts. This PoC is not for use in production environments, no guarantee of stability or support.
It relies on the pyrfc and the libraries provided by SAP in: https://github.com/SAP/PyRFC#installation
Also Read – AWS Report : Tool For Analyzing Amazon Resources
Examples
./RFCpwn.py -ip 192.168.200.253 -s 00 -c 000 -u RFCUser -p RFCPass -ping
./RFCpwn.py -ip 192.168.200.253 -s 00 -c 000 -u RFCUser -p RFCPass -usercopy -user attacker -pw changeme1
./RFCpwn.py -ip 192.168.200.253 -s 00 -c 000 -u RFCUser -p RFCPass -dump
Demo
Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…
This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…
GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…
Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…
The free and open-source security platform SecHub, provides a central API to test software with…
Don't worry if there are any bugs in the tool, we will try to fix…