Attacking the Giants: Exploiting SAP Internals - Cybsec
19.06.2015 Views
Share Embed Flag

Attacking the Giants: Exploiting SAP Internals - Cybsec

Attacking the Giants: Exploiting SAP Internals - Cybsec

Attacking the Giants: Exploiting SAP Internals - Cybsec

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
cybsec.com

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

<strong>Attacking</strong> <strong>the</strong> <strong>Giants</strong>: <strong>Exploiting</strong> <strong>SAP</strong> <strong>Internals</strong><br />

Advanced Attacks<br />

© 2007<br />

<strong>Attacking</strong> <strong>the</strong> Application Server with a Registered Server (co<br />

• We can perform “callbacks” to <strong>the</strong> RFC partner (in this case, <strong>SAP</strong><br />

App. Server)<br />

• The RFC Call is executed in <strong>the</strong> context of <strong>the</strong> original R/3 call.<br />

• Impact depends on authorizations of <strong>the</strong> R/3 user (<strong>SAP</strong>_ALL?).<br />

•Attack: 1. Connect to licit Registered Server, ID=REG1 (blocking<br />

connections).<br />

2. Start an Evil Twin.<br />

3. Receive RFC call.<br />

4. Perform RFC callback.<br />

5. If user has <strong>SAP</strong>_ALL...Bingo!<br />

41

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!