Title
SAP’s Network Protocols Revisited
Authors
Martin Gallo
In
Troopers 2014 Conference
Date published
2014-03-19
Keywords
SAP protocols vulnerabilities pysap wireshark nmap

Abstract

What network protocols does my SAP system use? Are those services secure from a network perspective? Are old and well-known attacks still relevant? What’s the remote attack surface of my SAP environment? Do I really know my level of exposure? Are there tools available to assess the security of the services?
This talk is the result of my journey trying to answer these questions and understanding how the different SAP network protocols work, after spending some of my spare time during the last months working on expanding my knowledge about the network attack surface of SAP systems, reversing some of the protocols and implementing tools and libraries to work with them.
The talk will bring some details and realistic attack vectors regarding the different networks protocols available on both new and classic SAP installations. Some hardening and mitigation ideas will be discussed aimed at increasing the defenses against these threats and attacks.

Attachments

nmap-service-probes - Nmap Probes