An Unauthenticated Journey to Root - Pwning Your Company's Enterprise Software Servers
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a critical cybersecurity presentation from Black Hat that delves into vulnerabilities in SAP's enterprise software. Discover how unauthenticated attackers can potentially gain root access to company servers through the exploitation of the substitution manager and eemTechnical components. Follow the step-by-step attack process, learn about prevention strategies, and understand the far-reaching implications for Fortune 1000 companies relying on SAP's vital business processing systems. Gain valuable insights into securing complex enterprise software environments and mitigating risks associated with widely-used vendor solutions.
Syllabus
Introduction
Agenda
What is the substitution manager
Where to start
What iseem
Technical Analysis
Attack Steps
New Agent
Root Command
Prevention
Conclusion
Questions
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube