Penetration Testing
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
SAP post exploitation Mar 14 2014 02:58AM
Brian Milliron (Brian ECRSecurity com)
Recently I ran across some vulnerable AIX SAP servers on a test and
managed to get admin access on the Web GUI. However, I know very little
about SAP and was unable to leverage SAP admin to get access to the
Oracle DB (it uses a separate credential store) or root on the OS.
Looking through all the ...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus