This template is designed to detect the presence of various SAP services on SAP NetWeaver endpoints. It helps identify available SAP services and assess potential access control issues or redirection behaviors.
This template uses multiple matchers and extractors to identify the status of each SAP service:
- 200 OK: Service is available and responding.
- 301, 302, 303, 307, 308: Redirects indicating possible access redirection.
- 403 Forbidden: Indicates restricted access to the service.
- 404 Not Found: The service endpoint does not exist on the server.
- 500+ Server Errors: Indicates potential server misconfiguration.
- Ensure you have Nuclei installed.
- Save the template file as
sap-netweaver-services-checks.yaml.
nuclei -t sap-netweaver-services-checks.yaml -u https://target-url.com