ERPScan Automator - Because Manual is Meh

Another quick little tool for you guys today that I hacked together to save myself some time. This one automates running through a number of tests using the ERPScan SAP Pentesting Tool

At time of writing, configuration is all done inside the script, with no support for command line parameters (might add them in the future)

https://gist.github.com/0xdevalias/6118709

@echo off
@rem ----------------
@rem Config - Banner
@rem ----------------
set BAT_VER=0.1 (20130703)
set BANNER_DASH=--------------------------------
set BANNER_NAMEVER=Erpscan Automator v%BAT_VER%
set BANNER_BY=Created By: Glenn 'devalias' Grant (http://devalias.net)
set BANNER_UPDATES=Updates at: https://gist.github.com/alias1/6118709
set BANNER_LICENSE=License: The MIT License (MIT) - Copyright (c) 2013 Glenn 'devalias' Grant (see http://choosealicense.com/licenses/mit/ for full license text)

@rem ----------------
@rem Parms
@rem ----------------
set OUT_NAME=CHANGEME_TO_YOUR_OUTFILE_NAME
set SITE=http://example.com:1234/changeme/to/your/url
set USER=CHANGEME_TOYOUR_TESTUSER
set PASS=CHANGEME_TOYOUR_TESTPASS
set MODULES=1 2 3 4 5 9 10 11 15 16 17 18 19

@rem ----------------
@rem Config
@rem ----------------
set ERPSCAN_PATH="X:\CHANGEME\H4x0rTools\Erpscan"
set ERPSCAN_FILENAME=black.pl
set SITE_OPT=-s
set USER_OPT=-u
set PASS_OPT=-p
set MODULE_OPT=-m
set BAT_FILENAME=%~nx0
set BAT_PATH=%~dp0
set OUT_EXT=.txt
set OUT_FILE="%BAT_PATH%/%OUT_NAME%%OUT_EXT%"

@rem ----------------
@rem Main Program
@rem ----------------
title %BANNER_NAMEVER%

echo %BANNER_DASH%
echo %BANNER_NAMEVER%
echo %BANNER_BY%
echo %BANNER_UPDATES%
echo %BANNER_LICENSE%
echo %BANNER_DASH%

echo %BANNER_DASH% >> %OUT_FILE%
echo Generated with %BANNER_NAMEVER% >> %OUT_FILE%
echo %BANNER_BY% >> %OUT_FILE
%echo %BANNER_UPDATES% >> %OUT_FILE
echo %BANNER_LICENSE% >> %OUT_FILE%
echo %BANNER_DASH% >> %OUT_FILE%

echo.
echo Site: %SITE%
echo User: %USER%
echo Pass: hidden
echo Modules: %MODULES%

echo. >> %OUT_FILE%
echo Site: %SITE% >> %OUT_FILE%
echo User: %USER% >> %OUT_FILE%
echo Pass: hidden >> %OUT_FILE%
echo Modules: %MODULES% >> %OUT_FILE%

cd /D %ERPSCAN_PATH%

SETLOCAL ENABLEDELAYEDEXPANSION
for %%x in (%MODULES%) do (
set MODULE=%%x

echo.
echo --------------------------------
echo Running module !MODULE!..
echo --------------------------------

echo. >> %OUT_FILE%
echo -------------------------------- >> %OUT_FILE%
echo Running module !MODULE!.. >> %OUT_FILE%
echo -------------------------------- >> %OUT_FILE%

perl %ERPSCAN_FILENAME% %SITE_OPT% %SITE% %USER_OPT% %USER% %PASS_OPT% %PASS% %MODULE_OPT% !MODULE! >> %OUT_FILE%
)

echo.
echo Done

pause