Attacking the Giants: Exploiting SAP Internals - Cybsec
Attacking the Giants: Exploiting SAP Internals - Cybsec
Attacking the Giants: Exploiting SAP Internals - Cybsec
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Attacking</strong> <strong>the</strong> <strong>Giants</strong>: <strong>Exploiting</strong> <strong>SAP</strong> <strong>Internals</strong><br />
Advanced Attacks<br />
© 2007<br />
A Wiser (and Stealth) Evil Twin: MITM Attacks<br />
RESPONSE<br />
ID=REG1<br />
RCF Call<br />
<strong>SAP</strong> R/3<br />
<strong>SAP</strong> GW<br />
ID=REG1<br />
RCF Modified<br />
Call<br />
Modified<br />
RESPONSE<br />
- So Here This we time, we have go every <strong>the</strong> again, same RFC blocking scenario, call received valid legitimate connections is Logged/Modified, client to and <strong>the</strong> and<br />
innocent forwarded External External RFC to <strong>the</strong> Server, original RCF <strong>the</strong> Server <strong>SAP</strong> external R/3 Server server. and <strong>the</strong> <strong>SAP</strong> Gateway<br />
- Now, <strong>the</strong> same malicious client/server connects with <strong>the</strong><br />
<strong>SAP</strong> R/3 Gateway, and register itself with <strong>the</strong> same ID as <strong>the</strong><br />
original external server.<br />
External RFC<br />
Malicius Server<br />
39