SAP: Session (Fixation) Attacks and Protections - Black Hat
SAP: Session (Fixation) Attacks and Protections - Black Hat
SAP: Session (Fixation) Attacks and Protections - Black Hat
- No tags were found...
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
#3 Discovery <strong>and</strong> Exploitation (5)• Attacker only had to reuse the followingspecific set of target cookies:Cookie:saplb_*=(J2EE01234567)01234567;PortalAlias=portal;JSESSIONID=(J2EE01234567)ID0123456789DB01234567890123456789End;MY<strong>SAP</strong>SSO2=AjEx…(very long string)…ewCw%3D;<strong>SAP</strong>WP_active=1Copyright © 2011 Taddong S.L. www.taddong.com59