Breaking SAP Portal - Proidea
Breaking SAP Portal - Proidea
Breaking SAP Portal - Proidea
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>SAP</strong> Management Console<br />
What we can find into logs?<br />
Right!<br />
File userinterface.log contains calculated JSESIONID<br />
But…<br />
Attacker must have credentials for reading log file<br />
WRONG!