SAPProx - SAP MiTM Proxy Server

SAPPRox is a proof of concept tool for intercepting and modifying SAP GUI (DIAG) traffic.

SensePost Logo header
quick links
Home -> SensePost Labs -> Tools we've built -> PoC Projects -> SAPProx - SAP MiTM Proxy Server

SAPProx

Find SAPProx on GitHub.

author

Ian de Villiers

cost

Free

license, version, release, recent changes

  • License : GPL
  • Version : 0.1
  • Release Date : 2011-09-02

what is SAPProx ?

SAPProx is a proof of concept tool for intercepting and modifying SAP GUI (DIAG protocol) traffic.

Details on running SAPProx can be found in the README.txt file included in the ZIP file.

who should use it ?

Pen-testers. SAP Researchers

requirements

  • Java runtime environment.
  • Custom JNI Library.

The custom JNI library is included in the download.

Binary builds of the JNI library are only available for the following platforms:

  • Mac OS/X
  • Windows (32-bit)
  • Linux (32-bit)

If you wish to use a different platform, please download the sources for SAPPRox and SapCompress and build the library yourself.

more details

SAPProx is available with source code from the resource links available on the right hand side.

Ian de Villiers' original 44con slide-deck is also available from this link for your reference.

Copyright © SensePost Pty Ltd