mailing list archives
[Onapsis Research Labs] New SAP Security In-Depth issue and Tool - The Silent Threat: SAP Backdoors and Rootkits
From: Onapsis Research Labs <research () onapsis com>
Date: Wed, 09 Mar 2011 18:20:52 -0300
-----BEGIN PGP SIGNED MESSAGE-----
We are happy to announce the third issue of the Onapsis SAP Security In-Depth publication.
Onapsis' SAP Security In-Depth is a free technical publication leaded by the Onapsis Research Labs with the purpose of
information about the current and future risks in the SAP security field, allowing all the different actors (financial
managers, information security
managers, SAP administrators, auditors, consultants and the general professional community) to better understand the
involved risks and the
techniques and tools available to assess and mitigate them.
In this edition: "The Silent Threat: SAP Backdoors and Rootkits", by Mariano Nuñez Di Croce.
"Backdoors and rootkits have existed for a long time. From PCI cards to the most modern operating systems, almost every
system is susceptible of being
attacked and modified to hold a malicious program that will secure future access for the attacker and even perform
unauthorized activities, while
trying to remain undetected.
As SAP business solutions run the most critical business information and processes in the organization, a backdoor in
this platform would imply severe
impacts for the business. If the organization is not securing its systems properly, it would be possible for a remote,
anonymous attacker to perform
continuous espionage, fraud and sabotage attacks through the injection of a backdoor or rootkit in the SAP platform.
This publication analyzes some of the different attack vectors that malicious parties can use to try to inject
backdoors and rootkits in the SAP
platform, in order to understand which are the necessary protection measures that need to be implemented to protect the
business crown jewels."
The full publication can be downloaded from http://www.onapsis.com/resources/get.php?resid=ssid03
At the same time, we have released a new free tool: Onapsis Integrity Analyzer for SAP.
This proof-of-concept will help you identify future unauthorized modifications of standard ABAP programs in your SAP
systems, which could be the
result of backdoor or rootkit attacks. The tool can be downloaded from http://www.onapsis.com/ianalyzer
We hope you can enjoy these new resources!
We would also love to get your feedback. Feel free to write us back with your comments and ideas.
The Onapsis Research Labs Team
Email: research () onapsis com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
-----END PGP SIGNATURE-----
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- [Onapsis Research Labs] New SAP Security In-Depth issue and Tool - The Silent Threat: SAP Backdoors and Rootkits Onapsis Research Labs (Mar 09)