SAP NetWaver Security Checks

ID: sap-netweaver-workflow

Severity: “

Author: dwisiswant0

Tags:

Description

A simple workflow that runs all SAP NetWaver related nuclei templates on a given target.

YAML Source

id: sap-netweaver-workflow

info:
  name: SAP NetWaver Security Checks
  author: dwisiswant0
  description: A simple workflow that runs all SAP NetWaver related nuclei templates on a given target.
workflows:
  - template: http/technologies/sap/sap-netweaver-detect.yaml
    subtemplates:
      - template: http/cves/2020/CVE-2020-6287.yaml

      - template: http/cves/2017/CVE-2017-12637.yaml

      - template: http/cves/2020/CVE-2020-6308.yaml

      - template: http/exposed-panels/fiorilaunchpad-logon.yaml

      - template: http/exposed-panels/hmc-hybris-panel.yaml

      - template: http/exposed-panels/sap-netweaver-portal.yaml

      - template: http/exposed-panels/sap-hana-xsengine-panel.yaml

      - template: http/misconfiguration/sap/

  - template: network/detection/sap-router.yaml # Network Templates
    subtemplates:
      - template: network/misconfig/sap-router-info-leak.yaml

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "workflows/sap-netweaver-workflow.yaml"

View on Github