inurl:"/irj/go/km/" intext:navigation

  • 日期:2019-01-09
  • 类别:
  • 作者:FlyingFrog
  • 语法:inurl:"/irj/go/km/" intext:navigation
  • AUTHOR: FlyingFrog
    Twitter: @ItsKarl0z

    ++ SAP files, filesystem information, file structure ++

    inurl:”/irj/go/km/" intext:navigation
    - extract SAP server documents
    - Find SAP server
    - Find server structure
    - Find usernames and passwords
    - Find sensitive data
    - To exploit go to site and click on “Navigation user interface”
    - 1.890 results at the time of writing

    (The vulnerabilities are suggestions, none of them have been tested by me,
    always request permission before testing anything on someone else system)