This repository has been archived by the owner on May 5, 2024. It is now read-only.

APEX PE Scanner

A small utility that finds users who are capable of privilege escalation using APEX.

The PE abuses the fact that APEX Triggers run in system mode. A full technical explanation can be found here.

How to run

The utility requires a username, a password and the security token of a Salesforce user.

python apex_pe_scanner.py -u USERNAME -p PASSWORD -t SECURITY_TOKEN

Instead of typing in your password and security token, you can import this code and invoke find_users_with_apex with a logged-in simple_salesforce client.

Alternatively, you can execute the Apex code provided in apex_pe_scanner.apdx in the Salesforce Developer Console.
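
For auditing with an already logged-in client, the following added example (not this project's code, and not a description of how find_users_with_apex works) lists active users who hold the Author Apex permission and shows whether a profile or a permission set grants it. It assumes that Author Apex (`PermissionsAuthorApex` on `PermissionSet`) is the capability of interest, which this README does not state; `users_with_author_apex` and `ConstructedClient` are hypothetical names, and the records are constructed sample data.

```python
from collections import defaultdict

# Profile-granted permissions show up here too: every profile owns a hidden
# permission set (IsOwnedByProfile = true) that is assigned to its users.
AUTHOR_APEX_SOQL = (
    "SELECT Assignee.Username, PermissionSet.Name, "
    "PermissionSet.IsOwnedByProfile, PermissionSet.Profile.Name "
    "FROM PermissionSetAssignment "
    "WHERE PermissionSet.PermissionsAuthorApex = true "
    "AND Assignee.IsActive = true"
)


def users_with_author_apex(sf):
    """Return {username: sorted grants}, each grant "profile:X" or "permset:Y".

    `sf` is any object exposing simple_salesforce's query_all(soql) method.
    """
    grants = defaultdict(set)
    for rec in sf.query_all(AUTHOR_APEX_SOQL)["records"]:
        pset = rec["PermissionSet"]
        if pset["IsOwnedByProfile"]:
            source = "profile:" + pset["Profile"]["Name"]
        else:
            source = "permset:" + pset["Name"]
        grants[rec["Assignee"]["Username"]].add(source)
    return {user: sorted(sources) for user, sources in grants.items()}


class ConstructedClient:
    """Offline stand-in that returns constructed records in query_all's shape."""

    def query_all(self, soql):
        def row(user, name, by_profile, profile=None):
            return {"Assignee": {"Username": user},
                    "PermissionSet": {"Name": name, "IsOwnedByProfile": by_profile,
                                      "Profile": {"Name": profile} if profile else None}}
        return {"records": [
            row("admin@example.test", "X00ex000000001", True, "System Administrator"),
            row("dev@example.test", "Apex_Authors", False),
            row("dev@example.test", "X00ex000000002", True, "Custom Dev Profile"),
        ]}


if __name__ == "__main__":
    # Against a real org, pass a logged-in simple_salesforce.Salesforce client instead.
    for user, sources in sorted(users_with_author_apex(ConstructedClient()).items()):
        print(user, sources)
```

Reviewing the grant source per user shows whether removing the permission means changing a profile or unassigning a permission set.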

Requirements

Python 3.7+

Required Python packages:

  • simple_salesforce