Showing posts from March, 2019

SAP Backdoors {placeholder Post]

This is a placeholder for future post, on backdooring SAP servers:

1. SAP profile SETENV_xx parameter
- if get local access, or SAP level access can cat or echo a line into profile parameter file
- concatenated command for SETENV_+xx param

2. Using ABAP program + SM37
- ABAP program to fetch comamnd from a remote server (HTTP-GET ABAP Function Module)
- schedule job every 2 minits interval
- for that job, set spool recipient to remote attacker email so output can be sent over
- Pre-req: SCOT configuration, Auth for SM36, SE38

to be continued..