[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] [Onapsis Research Labs] New SAP Security In-Depth issue and Tool - The Silent Threat: SAP Backdoors and Rootkits

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] [Onapsis Research Labs] New SAP Security In-Depth issue and Tool - The Silent Threat: SAP Backdoors and Rootkits
From: Onapsis Research Labs <research@xxxxxxxxxxx>
Date: Wed, 09 Mar 2011 18:20:52 -0300

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear colleague,

We are happy to announce the third issue of the Onapsis SAP Security In-Depth 
publication.

Onapsis' SAP Security In-Depth is a free technical publication leaded by the 
Onapsis Research Labs with the purpose of providing specialized
information about the current and future risks in the SAP security field, 
allowing all the different actors (financial managers, information security
managers, SAP administrators, auditors, consultants and the general 
professional community) to better understand the involved risks  and the
techniques and tools available to assess and mitigate them.

In this edition: "The Silent Threat: SAP Backdoors and Rootkits", by Mariano 
Nuñez Di Croce.

"Backdoors and rootkits have existed for a long time. From PCI cards to the 
most modern operating systems, almost every system is susceptible of being
attacked and modified to hold a malicious program that will secure future 
access for the attacker and even perform unauthorized activities, while
trying to remain undetected.

As SAP business solutions run the most critical business information and 
processes in the organization, a backdoor in this platform would imply severe
impacts for the business. If the organization is not securing its systems 
properly, it would be possible for a remote, anonymous attacker to  perform
continuous espionage, fraud and sabotage attacks through the injection of a 
backdoor or rootkit in the SAP platform.

This publication analyzes some of the different attack vectors that malicious 
parties can use to try to inject backdoors and rootkits in the SAP
platform, in order to understand which are the necessary protection measures 
that need to be implemented to protect the business crown jewels."

The full publication can be downloaded from 
http://www.onapsis.com/resources/get.php?resid=ssid03

At the same time, we have released a new free tool: Onapsis Integrity Analyzer 
for SAP.
This proof-of-concept will help you identify future unauthorized modifications 
of standard ABAP programs in your SAP systems, which could be the
result of backdoor or rootkit attacks. The tool can be downloaded from 
http://www.onapsis.com/ianalyzer

We hope you can enjoy these new resources!
We would also love to get your feedback. Feel free to write us back with your 
comments and ideas.

Kindest regards,

- -- 
- --------------------------------------------
The Onapsis Research Labs Team

Onapsis S.R.L
Email: research@xxxxxxxxxxx
Web: www.onapsis.com
PGP: http://www.onapsis.com/pgp/research.asc
- --------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAk137zQACgkQz3i6WNVBcDV0RACdHgigAxhnix2h31TYRI7jpEAH
wDMAn2k6iiVK92RlVmkwcDGB5d2VCE8j
=oPVY
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] need good web browser fuzzing tools
Next by Date: [Full-disclosure] Accidental disclosure of the French Ministry of Foreign affairs computer security plans
Previous by thread: [Full-disclosure] need good web browser fuzzing tools
Next by thread: [Full-disclosure] Accidental disclosure of the French Ministry of Foreign affairs computer security plans
Index(es):
- Date
- Thread