Attacking the Giants: Exploiting SAP Internals - Cybsec
Attacking the Giants: Exploiting SAP Internals - Cybsec
Attacking the Giants: Exploiting SAP Internals - Cybsec
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Attacking</strong> <strong>the</strong> <strong>Giants</strong>: <strong>Exploiting</strong> <strong>SAP</strong> <strong>Internals</strong><br />
Security Review of <strong>the</strong> RFC Interface...<br />
© 2007<br />
Abusing Default Functions (cont.)<br />
• SYSTEM_CREATE_INSTANCE<br />
Remote Command Execution (buffer overflow).<br />
• RFC_START_PROGRAM<br />
Restricted through RfcAllowStartProgram(“progname“)<br />
Remote Command Execution (buffer overflow).<br />
Determine Applied Restrictions through RfcAllowStartProgram().<br />
Path Traversal Attacks (c:\path\IamAllowed.exe\..\butIamNot.exe).<br />
25