Attacking the Giants: Exploiting SAP Internals - Cybsec
Attacking the Giants: Exploiting SAP Internals - Cybsec
Attacking the Giants: Exploiting SAP Internals - Cybsec
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Attacking</strong> <strong>the</strong> <strong>Giants</strong>: <strong>Exploiting</strong> <strong>SAP</strong> <strong>Internals</strong><br />
Advanced Attacks<br />
© 2007<br />
Getting <strong>the</strong> Information: The Gateway Monitor<br />
•TheGateway Server has a configuration parameter for restricting<br />
Gateway Monitor access.<br />
gw/monitor = 0<br />
gw/monitor = 1<br />
gw/monitor = 2<br />
Monitor is disabled.<br />
Local access only.<br />
Remote access enabled.<br />
• Up to <strong>SAP</strong> Kernels 6.20, default value for this parameter is: 2.<br />
• Remote access to <strong>the</strong> Gateway Monitor would provide any<br />
information needed for <strong>the</strong> attacks.<br />
35