SAP Direct Browsing URLs for Pentesting

转载 2012年03月23日 11:05:47
List of SAP HTTP Resources to hack at…
  • /rep/build_info.html
  • /rep/build_info.jsp
  • /run/build_info.html
  • /run/build_info.jsp
  • /rwb/version.html
  • /sap/bc/bsp/esh_os_service/favicon.gif
  • /sap/bc/bsp/sap
  • /sap/bc/bsp/sap/alertinbox
  • /sap/bc/bsp/sap/bsp_dlc_frcmp
  • /sap/bc/bsp/sap/bsp_veri
  • /sap/bc/bsp/sap/bsp_verificatio
  • /sap/bc/bsp/sap/bsp_wd_base
  • /sap/bc/bsp/sap/bspwd_basics
  • /sap/bc/bsp/sap/certmap
  • /sap/bc/bsp/sap/certreq
  • /sap/bc/bsp/sap/crm_bsp_frame
  • /sap/bc/bsp/sap/crmcmp_bpident/
  • /sap/bc/bsp/sap/crmcmp_brfcase
  • /sap/bc/bsp/sap/crmcmp_hdr
  • /sap/bc/bsp/sap/crmcmp_hdr_std
  • /sap/bc/bsp/sap/crmcmp_ic_frame
  • /sap/bc/bsp/sap/crm_thtmlb_util
  • /sap/bc/bsp/sap/crm_ui_frame
  • /sap/bc/bsp/sap/crm_ui_start
  • /sap/bc/bsp/sap/esh_sap_link
  • /sap/bc/bsp/sap/esh_sapgui_exe
  • /sap/bc/bsp/sap/graph_bsp_test
  • /sap/bc/bsp/sap/graph_bsp_test/Mimes
  • /sap/bc/bsp/sap/gsbirp
  • /sap/bc/bsp/sap/htmlb_samples
  • /sap/bc/bsp/sap/iccmp_bp_cnfirm
  • /sap/bc/bsp/sap/iccmp_hdr_cntnr
  • /sap/bc/bsp/sap/iccmp_hdr_cntnt
  • /sap/bc/bsp/sap/iccmp_header
  • /sap/bc/bsp/sap/iccmp_ssc_ll/
  • /sap/bc/bsp/sap/ic_frw_notify
  • /sap/bc/bsp/sap/it00
  • /sap/bc/bsp/sap/public/bc
  • /sap/bc/bsp/sap/public/graphics
  • /sap/bc/bsp/sap/sam_demo
  • /sap/bc/bsp/sap/sam_notifying
  • /sap/bc/bsp/sap/sam_sess_queue
  • /sap/bc/bsp/sap/sbspext_htmlb
  • /sap/bc/bsp/sap/sbspext_xhtmlb
  • /sap/bc/bsp/sap/spi_admin
  • /sap/bc/bsp/sap/spi_monitor
  • /sap/bc/bsp/sap/sxms_alertrules
  • /sap/bc/bsp/sap/system
  • /sap/bc/bsp/sap/thtmlb_scripts
  • /sap/bc/bsp/sap/thtmlb_styles
  • /sap/bc/bsp/sap/uicmp_ltx
  • /sap/bc/bsp/sap/xmb_bsp_log
  • /sap/bc/contentserver
  • /sap/bc/echo
  • /sap/bc/error
  • /sap/bc/FormToRfc
  • /sap/bc/graphics/net
  • /sap/bc/gui/sap/its/CERTREQ
  • /sap/bc/gui/sap/its/designs
  • /sap/bc/gui/sap/its/webgui
  • /sap/bc/IDoc_XML
  • /sap/bc/ping
  • /sap/bc/report
  • /sap/bc/soap/ici
  • /sap/bc/soap/rfc
  • /sap/bc/srt/IDoc
  • /sap/bc/wdvd
  • /sap/bc/webdynpro/sap/apb_launchpad
  • /sap/bc/webdynpro/sap/apb_launchpad_nwbc
  • /sap/bc/webdynpro/sap/apb_lpd_light_start
  • /sap/bc/webdynpro/sap/apb_lpd_start_url
  • /sap/bc/webdynpro/sap/application_exit
  • /sap/bc/webdynpro/sap/appl_log_trc_viewer
  • /sap/bc/webdynpro/sap/appl_soap_management
  • /sap/bc/webdynpro/sap/ccmsbi_wast_extr_testenv
  • /sap/bc/webdynpro/sap/cnp_light_test
  • /sap/bc/webdynpro/sap/configure_application
  • /sap/bc/webdynpro/sap/configure_component
  • /sap/bc/webdynpro/sap/esh_search_results.ui
  • /sap/bc/webdynpro/sap/esh_adm_smoketest_ui
  • /sap/bc/webdynpro/sap/sh_adm_smoketest_files
  • /sap/bc/webdynpro/sap/esh_eng_modelling
  • /sap/bc/webdynpro/sap/esh_admin_ui_component
  • /sap/bc/webdynpro/sap/wdhc_application
  • /sap/bc/webdynpro/sap/wd_analyze_config_appl
  • /sap/bc/webdynpro/sap/wd_analyze_config_comp
  • /sap/bc/webdynpro/sap/wd_analyze_config_user
  • /sap/bc/webdynpro/sap/WDR_TEST_ADOBE
  • /sap/bc/webdynpro/sap/WDR_TEST_EVENTS
  • /sap/bc/webdynpro/sap/wdr_test_popups_rt
  • /sap/bc/webdynpro/sap/WDR_TEST_TABLE
  • /sap/bc/webdynpro/sap/wdr_test_ui_elements
  • /sap/bc/webdynpro/sap/WDR_TEST_WINDOW_ERROR
  • /sap/bc/webrfc
  • /sap/bc/xrfc
  • /sap/bc/xrfc_test
  • /sap/es/cockpit
  • /sap/es/getdocument
  • /sap/es/opensearch
  • /sap/es/opensearch/description
  • /sap/es/opensearch/list
  • /sap/es/opensearch/search
  • /sap/es/saplink
  • /sap/es/search
  • /sap/es/redirect
  • /sap/crm
  • /sap/public/bc
  • /sap/public/bc/icons
  • /sap/public/bc/icons_rtl
  • /sap/public/bc/its/mimes
  • /sap/public/bc/its/mimes/system/SL/page/hourglass.html
  • /sap/public/bc/its/mobile/itsmobile00
  • /sap/public/bc/its/mobile/itsmobile01
  • /sap/public/bc/its/mobile/rfid
  • /sap/public/bc/its/mobile/start
  • /sap/public/bc/its/mobile/test
  • /sap/public/bc/NWDEMO_MODEL
  • /sap/public/bc/NW_ESH_TST_AUTO
  • /sap/public/bc/pictograms
  • /sap/public/bc/sicf_login_run
  • /sap/public/bc/trex
  • /sap/public/bc/ur
  • /sap/public/bc/wdtracetool
  • /sap/public/bc/webdynpro/adobechallenge
  • /sap/public/bc/webdynpro/mimes
  • /sap/public/bc/webdynpro/ssr
  • /sap/public/bc/webdynpro/viewdesigner
  • /sap/public/bc/webicons
  • /sap/public/bc/workflow
  • /sap/public/bc/workflow/shortcut
  • /sap/public/bsp/sap
  • /sap/public/bsp/sap/htmlb
  • /sap/public/bsp/sap/public
  • /sap/public/bsp/sap/public/bc
  • /sap/public/bsp/sap/public/faa
  • /sap/public/bsp/sap/public/graphics
  • /sap/public/bsp/sap/public/graphics/jnet_handler
  • /sap/public/bsp/sap/public/graphics/mimes
  • /sap/public/bsp/sap/system
  • /sap/public/bsp/sap/system_public
  • /sap/public/icf_check
  • /sap/public/icf_info
  • /sap/public/icf_info/icr_groups
  • /sap/public/icf_info/icr_urlprefix
  • /sap/public/icf_info/logon_groups
  • /sap/public/icf_info/urlprefix
  • /sap/public/icman
  • /sap/public/info
  • /sap/public/myssocntl
  • /sap/public/ping
  • /sap/webcuif

相关文章推荐

BTS PenTesting Lab - A4 Insecure Direct Object References

不安全的直接对象引用 Viewing Details 源文件:/btslab/myprofile.php 关键代码地址http://192.168.1.228/myprofile.php?id=1 (...
  • zrools
  • zrools
  • 2015年12月28日 09:30
  • 505

Friendly URLs for Liferay Portlets

标准的portletURLs 并不能算是简洁的: http://localhost:8080/web/guest/home? p_p_id=mygreeting_WAR_mygreetingpo...

Use Categories in Product URLs for Magento SEO without Duplicate Content

Use Categories in Product URLs for Magento SEO without Duplicate Content Magento provides the opti...

Introducing ASP.NET FriendlyUrls-cleaner URLs,easier Routing, and Mobile Views for ASP.NET Web Forms

I've said before how surprised I am that more ASP.NET Web Forms developers don't use Routing to ma...
内容举报
返回顶部
收藏助手
不良信息举报
您举报文章:SAP Direct Browsing URLs for Pentesting
举报原因:
原因补充:

(最多只允许输入30个字)