INTEGRITY
Security (A)SAP
(very) Short introduction to SAP security
Bruno Morisson <bm@integrity.pt>
About
Consultant and Partner @ INTEGRITY
Leading Consulting and Penetration Testing engagements
Breaking things, and finding how to fix them
OSCP, CISSP-ISSMP, CISA, ISO27001LA
Currently doing the MSc in Information Security @ Royal Holloway, University of London.
Organizing BSidesLisbon 2013
@morisson
http://www.linkedin.com/in/morisson
What is SAP ?
SAP, started in 1972 by five former IBM employees in Mannheim, Germany,
states that it is the world's largest inter-enterprise software company
and the world's fourth-largest independent software supplier, overall.
The original name for SAP was German: Systeme, Anwendungen, Produkte,
German for "Systems Applications and Products." The original SAP idea was
to provide customers with the ability to interact with a common corporate
database for a comprehensive range of applications. Gradually, the
applications have been assembled and today many corporations, including
IBM and Microsoft, are using SAP products to run their own
businesses.
Source: http://searchsap.techtarget.com/definition/SAP
Say that again??
Customer Relationship Management (CRM)
Enterprise Resource Planning (ERP)
Product Lifecycle Management (PLM)
Supply Chain Management (SCM)
Supplier Relationship Management (SRM)
tl;dr
Extremely complex software that huge enterprises
depend on for business critical applications
So, what about security ?
SAP Security Notes
[Chart: number of SAP Security Notes over time, Oct’11 to Jun’13 (y axis 0 to 30); chart image not captured]
SAP Security Notes
[Chart image not captured]
How often do you upgrade a complex business critical application ?
Common Problems
Integration
Default users/passwords
Misconfigured permissions
Lack of authentication
Cleartext protocols
Command Injection
Buffer overflows
SQLi
XSS
XXE
SSRF
...
Standing on the shoulders of giants
Chris John Riley - SAP (in)Security
http://www.slideshare.net/ChrisJohnRiley/sap-insecurity-scrubbing-sap-clean-with-soap
David Hartley (nmonkee) - SAP Slappin’
http://labs.mwrinfosecurity.com/publications/2012/04/27/sap-slapping/
Mariano di Croce - The SAProuter
http://conference.hitb.org/hitbsecconf2010ams/materials/D2T2%20-%20Mariano%20Nunez%20Di%20Croce%20-%20SAProuter%20.pdf
Alexander Polyakov - Breaking SAP portal
http://erpscan.com/presentations/breaking-sap-portal-from-hashdays-2012/
So I sneezed...
SAP Security Note 1816536 / CVE-2013-3319
SAP Security Note 1816536
21 Aug 2012 – Reported vulnerability to vendor
23 Aug 2012 – Vendor acknowledged vulnerability
22 Oct 2012 – Vendor contact, with status update
23 Jan 2013 – Contacted vendor, requesting status update
23 Jan 2013 – Vendor replied with status update
9 Apr 2013 – Vendor releases patch
9 Jul 2013 – Advisory released
SAP Security Note 1816536
Summary
Symptom
An attacker can discover information relating to the Operating System version and database version of systems that use SAP Host Agent.
This information could be used to allow the attacker to specialize their attacks against the Operating System and database software.
DEMO
SAProuter
What is SAProuter ?
SAProuter is an SAP program that acts as an intermediate station (proxy) in a network connection between SAP Systems, or between SAP Systems and external networks. SAProuter controls the access to your network (application level gateway), and, as such, is a useful enhancement to an existing firewall system (port filter).

Figuratively speaking, the firewall acts as an impenetrable wall around your network. However, since particular types of connections need to penetrate this wall, a “hole” has to be made in the firewall. SAProuter assumes the control of this hole.

Source: http://help.sap.com/saphelp_nw70/helpdata/en/4f/992d39446d11d189700000e8322d00/content.htm
SAProuter
SAProuter
Permission  From  To  Serv  Pass
P           *     *   3200
S           *     *   3200
D           *     +   *
SAProuter
sap_router_portscanner.rb
msf auxiliary(sap_router_portscanner) > show options

Module options (auxiliary/scanner/sap/sap_router_portscanner):

   Name            Current Setting  Required  Description
   ----            ---------------  --------  -----------
   CONCURRENCY     1                yes       The number of concurrent ports to check per host
   INSTANCES       00-99            no        SAP instance numbers to scan (NN in PORTS definition)
   MODE            SAP_PROTO        yes       Connection Mode: SAP_PROTO or TCP (accepted: SAP_PROTO, TCP)
   PORTS           32NN             yes       Ports to scan (e.g. 3200-3299,5NN13)
   RHOSTS          192.168.1.175    yes       The target address range or CIDR identifier
   SAPROUTER_HOST  192.168.1.25     yes       SAPRouter address
   SAPROUTER_PORT  3299             yes       SAPRouter TCP port
   THREADS         1                yes       The number of concurrent threads

msf auxiliary(sap_router_portscanner) >
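The route permission table a few slides back and the MODE option of the port scanner (SAP_PROTO versus native TCP) are two sides of the same configuration question: an S entry admits only SAP-protocol routes, a P entry admits native TCP as well, and a permit entry with a wildcard source and a wildcard destination lets any client that can reach port 3299 use the SAProuter as a pivot into the internal network. The Python below is an added example, not code from this talk, from SAP or from the Metasploit module: a small saprouttab parser that evaluates a requested route the way the table is read (entries top to bottom, first match decides, nothing matched means deny) and flags the entries a reviewer should question. The semantics encoded here (first match, the P/S/D meanings, `*` as wildcard, `#` as comment, default deny) and the three sample tables are assumptions constructed for the example; confirm them against the saprouttab documentation for the SAProuter release you run.

```python
"""Evaluate and audit a SAProuter route permission table (saprouttab).

Added example; the rules below are assumptions, not verified against
every SAProuter release:
  - entries are read top to bottom and the first matching entry decides
  - P permits the route for any protocol, S permits SAP protocols only,
    D denies; a request that matches no entry is denied
  - '*' matches anything in a host or service field, and a host pattern
    may end in '*' (e.g. 10.1.0.*); '#' starts a comment
"""
from dataclasses import dataclass
from fnmatch import fnmatchcase
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Route:
    perm: str                # 'P', 'S' or 'D'
    src: str                 # source host pattern
    dst: str                 # destination host pattern
    serv: str                # destination service/port pattern
    password: Optional[str]  # optional route password


def parse_saprouttab(text: str) -> List[Route]:
    """Parse saprouttab text into Route entries, preserving their order."""
    routes = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 4 or fields[0] not in ("P", "S", "D"):
            raise ValueError(f"malformed saprouttab entry: {raw!r}")
        password = fields[4] if len(fields) > 4 else None
        routes.append(Route(fields[0], fields[1], fields[2], fields[3], password))
    return routes


def _match(pattern: str, value: str) -> bool:
    return pattern == "*" or fnmatchcase(value, pattern)


def decide(routes: List[Route], src: str, dst: str, serv: str,
           sap_proto: bool = True) -> str:
    """Return 'permit' or 'deny' for one route request; first match wins."""
    for r in routes:
        if _match(r.src, src) and _match(r.dst, dst) and _match(r.serv, serv):
            if r.perm == "D":
                return "deny"
            if r.perm == "S" and not sap_proto:
                return "deny"      # S entries never admit native TCP routes
            return "permit"
    return "deny"                  # nothing matched: default deny (assumed)


def audit(routes: List[Route]) -> List[Tuple[int, str]]:
    """Flag permit entries that turn the SAProuter into an open pivot."""
    findings = []
    for n, r in enumerate(routes, start=1):
        if r.perm == "D":
            continue
        if r.src == "*" and r.dst == "*":
            findings.append((n, "any source may reach any destination host"))
        if r.perm == "P" and r.serv == "*":
            findings.append((n, "native TCP to any port is permitted"))
    return findings


# Constructed sample tables (not taken from any real system).
PERMISSIVE_TAB = """
# same shape as the table on the slide: wildcard source and destination
P * * 3200
S * * 3200
D * * *
"""

HARDENED_TAB = """
# only the office subnet may reach one application server dispatcher
P 10.1.0.* 10.2.0.5 3200
D * * *
"""

SAP_ONLY_TAB = """
S * 10.2.0.5 3200
D * * *
"""

if __name__ == "__main__":
    for name, tab in (("permissive", PERMISSIVE_TAB), ("hardened", HARDENED_TAB)):
        routes = parse_saprouttab(tab)
        print(name, decide(routes, "203.0.113.4", "10.9.9.9", "3200"), audit(routes))
```

Run it against a copy of the saprouttab taken from the SAProuter host. A finding of the first kind (wildcard source and wildcard destination on a permit entry) is exactly the configuration that lets the scanner above enumerate internal hosts and ports through the router; replacing it with explicit source subnets and destination hosts, and with S rather than P wherever native TCP is not needed, closes the hole the SAProuter is supposed to control.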
DEMO
Questions ?

08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

Security asap

  • 12. Common Problems
    Integration
    Default users/passwords
    Misconfigured permissions
    Lack of authentication
    Cleartext protocols
    Command injection
    Buffer overflows
    SQLi
    XSS
    XXE
    SSRF
    ...
  • 13. Standing on the shoulders of giants
    Chris John Riley - SAP (in)Security
    http://www.slideshare.net/ChrisJohnRiley/sap-insecurity-scrubbing-sap-clean-with-soap
    David Hartley (nmonkee) - SAP Slappin'
    http://labs.mwrinfosecurity.com/publications/2012/04/27/sap-slapping/
    Mariano Nuñez Di Croce - The SAProuter
    http://conference.hitb.org/hitbsecconf2010ams/materials/D2T2%20-%20Mariano%20Nunez%20Di%20Croce%20-%20SAProuter%20.pdf
    Alexander Polyakov - Breaking SAP portal
    http://erpscan.com/presentations/breaking-sap-portal-from-hashdays-2012/
  • 14. So I sneezed... SAP Security Note 1816536 / CVE-2013-3319
  • 15. SAP Security Note 1816536 (disclosure timeline)
    21 Aug 2012 - Reported vulnerability to vendor
    23 Aug 2012 - Vendor acknowledged vulnerability
    22 Oct 2012 - Vendor contact, with status update
    23 Jan 2013 - Contacted vendor, requesting status update
    23 Jan 2013 - Vendor replied with status update
    9 Apr 2013 - Vendor releases patch
    9 Jul 2013 - Advisory released
  • 16. SAP Security Note 1816536
    Summary
    Symptom: An attacker can discover information relating to the Operating System version and database version in use on a host running SAP Host Agent. This information could be used to allow the attacker to specialize their attacks against the Operating System and database software.
  • 20. SAProuter
    What is SAProuter?
    SAProuter is an SAP program that acts as an intermediate station (proxy) in a network connection between SAP Systems, or between SAP Systems and external networks. SAProuter controls the access to your network (application level gateway), and, as such, is a useful enhancement to an existing firewall system (port filter).
    Figuratively speaking, the firewall acts as an impenetrable wall around your network. However, since particular types of connections need to penetrate this wall, a "hole" has to be made in the firewall. SAProuter assumes the control of this hole.
    Source: http://help.sap.com/saphelp_nw70/helpdata/en/4f/992d39446d11d189700000e8322d00/content.htm
  • 22. SAProuter Permission (route permission table, saprouttab)

    Permission  From  To  Serv  Pass
    P           *     *   3200
    S           *     *   3200
    D           *     +   *

    P = permit, S = permit only the SAP (NI) protocol, D = deny; "*" matches any host or service. Entries are evaluated top to bottom and the first match decides, so the first line above lets any source reach port 3200 on any host behind the router, with no password required.
  • 24. sap_router_portscanner.rb

    msf auxiliary(sap_router_portscanner) > show options

    Module options (auxiliary/scanner/sap/sap_router_portscanner):

       Name            Current Setting  Required  Description
       ----            ---------------  --------  -----------
       CONCURRENCY     1                yes       The number of concurrent ports to check per host
       INSTANCES       00-99            no        SAP instance numbers to scan (NN in PORTS definition)
       MODE            SAP_PROTO        yes       Connection Mode: SAP_PROTO or TCP (accepted: SAP_PROTO, TCP)
       PORTS           32NN             yes       Ports to scan (e.g. 3200-3299,5NN13)
       RHOSTS          192.168.1.175    yes       The target address range or CIDR identifier
       SAPROUTER_HOST  192.168.1.25     yes       SAPRouter address
       SAPROUTER_PORT  3299             yes       SAPRouter TCP port
       THREADS         1                yes       The number of concurrent threads

    msf auxiliary(sap_router_portscanner) >
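The following is an added example, not code from the slides and not the Metasploit module itself. It models how SAProuter walks its route permission table (slide 22) and uses that model to predict which of the ports the scanner options on slide 24 would try (PORTS 32NN over INSTANCES 00-99, in SAP_PROTO or TCP mode) a router with the permissive table would actually forward, next to a tightened table that refuses the same scan. The model is deliberately simplified: one entry per line, "*" as the only wildcard (a trailing "*" matches a prefix), first match wins, no match means deny, and an S entry hit by a native TCP route counts as a denial. The final deny entry is written as D * * *, and every address, host name and table below is constructed for the example.

```python
"""
Added example: a minimal model of SAProuter saprouttab evaluation, plus the
instance-number port expansion used by sap_router_portscanner's PORTS option.
Assumptions (simplified, not the full saprouttab grammar):
  - entry format:  <P|S|D> <from> <to> <service> [<password>]
  - '*' matches anything; a trailing '*' matches a prefix (e.g. 10.0.1.*)
  - entries are evaluated top to bottom, first match decides, no match = deny
  - an 'S' entry matched by a native TCP route (MODE TCP) is a denial,
    because 'S' permits only the SAP (NI) protocol
All hosts, addresses and tables are constructed for this example.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Rule:
    action: str                 # 'P' permit, 'S' permit SAP protocol only, 'D' deny
    src: str
    dst: str
    service: str
    password: Optional[str] = None


def parse_saprouttab(text: str) -> List[Rule]:
    """Parse saprouttab-style text into ordered rules; '#' starts a comment."""
    rules: List[Rule] = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        if len(parts) < 4 or parts[0] not in ("P", "S", "D"):
            raise ValueError(f"unrecognised saprouttab entry: {raw!r}")
        rules.append(Rule(parts[0], parts[1], parts[2], parts[3],
                          parts[4] if len(parts) > 4 else None))
    return rules


def _match(pattern: str, value: str) -> bool:
    if pattern == "*":
        return True
    if pattern.endswith("*"):
        return value.startswith(pattern[:-1])
    return pattern == value


def evaluate(rules: List[Rule], src: str, dst: str, service: str,
             sap_protocol: bool = True) -> Tuple[str, Optional[Rule]]:
    """First-match evaluation of one route request: (decision, matching rule)."""
    for rule in rules:
        if _match(rule.src, src) and _match(rule.dst, dst) and _match(rule.service, service):
            if rule.action == "D" or (rule.action == "S" and not sap_protocol):
                return "deny", rule
            return "permit", rule
    return "deny", None            # nothing matched: SAProuter refuses the route


def expand_ports(spec: str, instances: str = "00-99") -> List[int]:
    """Expand a PORTS spec such as '32NN' or '3200-3299,5NN13', substituting
    every two-digit instance number in the INSTANCES range for 'NN'."""
    lo, hi = (int(x) for x in instances.split("-"))
    numbers = [f"{i:02d}" for i in range(lo, hi + 1)]
    ports = set()
    for item in spec.split(","):
        item = item.strip()
        variants = [item.replace("NN", n) for n in numbers] if "NN" in item else [item]
        for v in variants:
            if "-" in v:
                a, b = (int(x) for x in v.split("-"))
                ports.update(range(a, b + 1))
            else:
                ports.add(int(v))
    return sorted(ports)


def forwarded_ports(rules: List[Rule], src: str, dst: str, ports: List[int],
                    sap_protocol: bool = True) -> List[int]:
    """Ports on dst that the router would forward for a scanner sitting at src."""
    return [p for p in ports if evaluate(rules, src, dst, str(p), sap_protocol)[0] == "permit"]


# Modelled on slide 22: any source may reach port 3200 on any host, no password.
PERMISSIVE_TAB = """
P * * 3200
S * * 3200
D * * *
"""

# Tightened: one client subnet to one named application server, SAP protocol
# only, and an explicit final deny so nothing else is forwarded.
HARDENED_TAB = """
S 10.0.1.* sapapp01.internal 3200
D * * *
"""

if __name__ == "__main__":
    ports = expand_ports("32NN", "00-99")                 # 3200..3299
    scanner, target = "192.168.1.50", "192.168.1.175"    # constructed addresses
    print("permissive table forwards:", forwarded_ports(parse_saprouttab(PERMISSIVE_TAB), scanner, target, ports))
    print("hardened table forwards:  ", forwarded_ports(parse_saprouttab(HARDENED_TAB), scanner, target, ports))
    print("hardened, real client, MODE TCP:",
          evaluate(parse_saprouttab(HARDENED_TAB), "10.0.1.7", "sapapp01.internal", "3200", sap_protocol=False)[0])
```

Run stand-alone, the permissive table forwards the scanner's probe to port 3200 of a host it was never meant to expose, the tightened table forwards nothing for a source outside 10.0.1.*, and even a legitimate client is refused when it asks for a native TCP route through an S entry, which is exactly the distinction the scanner's MODE option probes.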