Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Everything posted by sapmeister

  1. Noch ein Sauerkraut hier .. jemand aus der Darmstadt Region?
  2. Hi, when I try to do a recon scan, I expected, that the collected SSIDs are automatically replicated (PineAP: Capture SSIDs to Pool set to 'X' ), Demon is on. But the SSID Pool Frame stays empty. (Windows 8.1, Firefox and Chrome Browser) Any hints? Thanks in Advance Holger
  3. Hi everybody One of the largest and well known Enterprise Security Conferences in Germany is C-Forge, run by Virtual Forge, a large Security Software Company. C-FORGE, May 30 + 31st 2017 , Heidelberg, Germany It is all centered around the (in)famous SAP ERP Software, used by almost all medium and large companies in the world. Since I am a professional pen tester for large SAP systems, I was asked to held a presentation. Everybody liked the proposal of a one-hour presentation of my Hak5-Backpack, with RubberDucky, LANTurtle, BashBunny, of course Pineapple TETRA and a great german product called miniChameleon, which copies and mimics RFID and NFC Cards (like hotel keys and corporate badges) . This will be a rundown about a SAP PenTest playbook scenario (with live elements) to get passwords and hashes with these devices. My experience is, that HW-attacks are often overlooked in Enterprises, but are much more risky, dangerous and overall much more likely than any network hack. So if you happened to be in the area, stop by. It is of no cost, if you are working for a SAP-customer. Check my presentation link and more conference information: C-Forge Presentation "Cracking the SAP Perimeter"
  4. Hi, I have both, the TETRA and the older MarkV. I upgraded Mark5 to the newest version with the WEB GUI, but now I want to revert it to the last "greenscreen" Version. Do I just a factory reset? Or will this not work? thx hs
  5. OK, since I try to learn: Are there any tutorials/How To on modules? I miss the SSLstripes from the Mark V, where can I go to learn more about modules. I've looked at the 1hr Tutorial to write my own modules, but I would like to get more Details on the available moduls..
  6. ok, I get the donkey hat on this.. you're right, wrong menu..
  7. ....but when the MAC is already gone before you could edit it in the Client view, it will sit there forever. seems like a bug. EDIT: Next Donkey Hat for me: Don't use IE Explorer, the Google Spy Bigger Brother CHROME works better..
  8. Hi, where is the Deauth-Option that is in the Tetra-Videos, but gone in new Version 1.1.0? thx hs
  9. I just found the answer myself_ You canot delete while this MAC is logged on and registered for AP-Tracking in Client mode. Go to Client mode, remove it from the AP-List in the drop down menu , then it disappeared as well from the filters list.
  10. Hi, I just received my brand new Tetra and instantly upgraded to 1.1.0. I have now one issue in Client Filtering When in Filters --> Client-Filtering, I added one MAC adress. But neither in allow or deny mode, I can delete this entry. It sits there forever, How can I delete the entry? Restart hasn't helped either. thx hs
  11. Hi, I am a pen tester in the German Rhein/Main Area and my focus is solely on pen testing SAP Software and SAP systems. (The One from Germany that is run by almost all corporations woirldwide). Are there any pentesters in Germany doing the same? SInce SAP requires special expertise and special tools, it would be great to exchange on things.. and meet over a beer. I recently added Hak5 Pineapple and Rubberducky to hunt for passwords as test - was a real winner..
  12. Favorite Game: Silent Hill Favorite OS: MS Windows Sex: not very often Race: Mountain Bike Favorite Band: Richard Wagner Favorite Book: My own book about Security at Rheinwerk/Galileo Press Favorite Author: Myself Favorite TV Show: Life is too short to watch BS Occupation: SAP ERP guy in all four corners of the windrose, SAP Pen Tester, Crypto Programmer, CEO Whisperer Hobbies: Recording symphonies in my studio
  • Create New...