Home page logo

fulldisclosure logo Full Disclosure mailing list archives

[Onapsis Research Labs] New SAP Security In-Depth issue and Tool - The Silent Threat: SAP Backdoors and Rootkits
From: Onapsis Research Labs <research () onapsis com>
Date: Wed, 09 Mar 2011 18:20:52 -0300

Hash: SHA1

Dear colleague,

We are happy to announce the third issue of the Onapsis SAP Security In-Depth publication.

Onapsis' SAP Security In-Depth is a free technical publication leaded by the Onapsis Research Labs with the purpose of 
providing specialized
information about the current and future risks in the SAP security field, allowing all the different actors (financial 
managers, information security
managers, SAP administrators, auditors, consultants and the general professional community) to better understand the 
involved risks  and the
techniques and tools available to assess and mitigate them.

In this edition: "The Silent Threat: SAP Backdoors and Rootkits", by Mariano Nuñez Di Croce.

"Backdoors and rootkits have existed for a long time. From PCI cards to the most modern operating systems, almost every 
system is susceptible of being
attacked and modified to hold a malicious program that will secure future access for the attacker and even perform 
unauthorized activities, while
trying to remain undetected.

As SAP business solutions run the most critical business information and processes in the organization, a backdoor in 
this platform would imply severe
impacts for the business. If the organization is not securing its systems properly, it would be possible for a remote, 
anonymous attacker to  perform
continuous espionage, fraud and sabotage attacks through the injection of a backdoor or rootkit in the SAP platform.

This publication analyzes some of the different attack vectors that malicious parties can use to try to inject 
backdoors and rootkits in the SAP
platform, in order to understand which are the necessary protection measures that need to be implemented to protect the 
business crown jewels."

The full publication can be downloaded from http://www.onapsis.com/resources/get.php?resid=ssid03

At the same time, we have released a new free tool: Onapsis Integrity Analyzer for SAP.
This proof-of-concept will help you identify future unauthorized modifications of standard ABAP programs in your SAP 
systems, which could be the
result of backdoor or rootkit attacks. The tool can be downloaded from http://www.onapsis.com/ianalyzer

We hope you can enjoy these new resources!
We would also love to get your feedback. Feel free to write us back with your comments and ideas.

Kindest regards,

- -- 
- --------------------------------------------
The Onapsis Research Labs Team

Onapsis S.R.L
Email: research () onapsis com
Web: www.onapsis.com
PGP: http://www.onapsis.com/pgp/research.asc
- --------------------------------------------
Version: GnuPG v1.4.10 (GNU/Linux)


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • [Onapsis Research Labs] New SAP Security In-Depth issue and Tool - The Silent Threat: SAP Backdoors and Rootkits Onapsis Research Labs (Mar 09)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]