Learn, hack!

URL

https://media.blackhat.com/bh-dc-11/Nunez%20Di%20Croce/BlackHat_DC_2011_NunezDiCroce_SAPapp-Slides.pdf

File name

BlackHat_DC_2011_NunezDiCroce_SAPapp-Slides.pdf

File size

1.1 MB

MD5

4b5c0dd390739d46a8ccc640ef6004b9

SHA1

0535e2be265debf488dd7cf348aa827ce16b90c5

"SAP platforms are only accessible internally". You may have heard that several times. While that was true in many organizations more than a decade ago, the current situation is completely different: driven by modern business requirements, SAP systems are getting more and more connected to the Internet. This scenario drastically increases the universe of possible attackers, as remote malicious parties can try to compromise the organization's SAP platform in order to perform espionage, sabotage and fraud attacks. SAP provides different Web interfaces, such as the Enterprise Portal, the Internet Communication Manager (ICM) and the Internet Transaction Server (ITS). These components feature their own security models and technical infrastructures, which may be prone to specific security vulnerabilities. If exploited, your business crown jewels can end up in the hands of cyber criminals. Through many live demos, this talk will explain how remote attackers may compromise the security of different SAP Web components and what you can do to avoid it. In particular, an authentication-bypass vulnerability affecting "hardened" SAP Enterprise Portal implementations will be detailed.