A collection of notes/exceptions/issues I've encountered while using Onapsis Bizsploit.
Last active
December 31, 2015 11:39
-
-
Save 0xdevalias/7981455 to your computer and use it in GitHub Desktop.
A collection of notes/exceptions/issues I've encountered while using Onapsis Bizsploit.
This will be a collection of random notes/musings. Probably mostly this will aim to store a digital copy of the enhancements I think of as I use bizsploit.
- Create a target(s) script
- Target + discovery
- Target + discovery + vulnassess
- Etc
- sqlplus (/usr/bin/sqlplus)
- SAP RFC Framework
-
Tools option not shown in help screen (main menu)
-
Also see 3_OnapsisBizsploit-Exceptions.txt
- Fix up inconsistencies with menu names/commands/etc
- Eg. list/view/show/etc
- Enable support for cd .. as well as back
- Etc
- Ability to execute a script from inside bizsploit (eg for vulnassess/etc after targetting)
- Passthrough unknown commands to operating system (like metasploit)
- Interact with metasploit database?
- Plugin to mirror all console output to a file (i believe something like this existed in v1?)
- Plugin to generate/output scripts for all entered commands (think metasploit makerc)
- Drone support (See Lair-Drones below)
- Options to output to xml, txt, etc as well as html
- Drone support (See Lair-Drones below)
- Add support for sending data to lair through drones.
- A few potential (or all) options
- Plugin: Sends data 'live'
- Report: Exports data in a drone compatible format and/or sends it directly when report is generated
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
v1.50RC | |
Running 'icmErrorInfodisc' against [10.x.y.z(0)-SAPICM(1)] | |
Sending invalid request to trigger error message... | |
Traceback (most recent call last): | |
File "/root/pentest/bizsploit/core/ui/consoleUi/consoleUi.py", line 176, in _handleKey | |
self._handlers[key]() | |
File "/root/pentest/bizsploit/core/ui/consoleUi/consoleUi.py", line 271, in _onEnter | |
self._execute() | |
File "/root/pentest/bizsploit/core/ui/consoleUi/consoleUi.py", line 238, in _execute | |
menu = self._context.execute(params) | |
File "/root/pentest/bizsploit/core/ui/consoleUi/menu.py", line 170, in execute | |
return handler( params ) | |
File "/root/pentest/bizsploit/core/ui/consoleUi/rootMenu.py", line 74, in _cmd_start | |
self._bizploit.start(params) | |
File "/root/pentest/bizsploit/core/bizploitCore.py", line 135, in start | |
self._vulnassess(commands) | |
File "/root/pentest/bizsploit/core/bizploitCore.py", line 258, in _vulnassess | |
plugin.run() | |
File "/root/pentest/bizsploit/core/basePlugins/basePlugin.py", line 85, in run | |
res = apply(functor, ()) | |
File "/root/pentest/bizsploit/plugins/vulnassess/icmErrorInfodisc.py", line 51, in _run_SAPICM | |
data = re.search('Server:</td><td>(.*?)_(.*?)_(.*?)</td>', resp.read()) | |
File "/usr/lib/python2.7/socket.py", line 351, in read | |
data = self._sock.recv(rbufsize) | |
File "/usr/lib/python2.7/httplib.py", line 561, in read | |
s = self.fp.read(amt) | |
File "/usr/lib/python2.7/socket.py", line 380, in read | |
data = self._sock.recv(left) | |
timeout: timed out |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment