Attacking the Giants: Exploiting SAP Internals - Cybsec
19.06.2015 Views
Share Embed Flag

Attacking the Giants: Exploiting SAP Internals - Cybsec

Attacking the Giants: Exploiting SAP Internals - Cybsec

Attacking the Giants: Exploiting SAP Internals - Cybsec

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
cybsec.com

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

<strong>Attacking</strong> <strong>the</strong> <strong>Giants</strong>: <strong>Exploiting</strong> <strong>SAP</strong> <strong>Internals</strong><br />

Security Review of <strong>the</strong> RFC Interface...<br />

© 2007<br />

Some O<strong>the</strong>r Functions<br />

There are o<strong>the</strong>r functions installed by default in every external RFC<br />

server. We have discovered security vulnerabilities in some of <strong>the</strong>m:<br />

• RFC_TRUSTED_SYSTEM_SECURITY<br />

• RFC_SET_REG_SERVER_PROPERTY<br />

• RFC_START_GUI<br />

• SYSTEM_CREATE_INSTANCE<br />

• RFC_START_PROGRAM<br />

The thing is that…any of this functions can be called, just as regular<br />

installed functions...<br />

23

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!