SAP RCE - The Agent Who Spoke Too Much

SAP RCE - The Agent Who Spoke Too Much

Hack In The Box Security Conference via YouTube Direct link

Introduction - Solman

2 of 14

2 of 14

Introduction - Solman

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

SAP RCE - The Agent Who Spoke Too Much

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Introduction - Solman
  3. 3 Introduction - SMDAgent
  4. 4 Why ? - First contact
  5. 5 Why ? - SAP Secure Storage
  6. 6 Authentication bypass - P4 Service
  7. 7 Authentication bypass - Key
  8. 8 Authentication bypass - Timestamp token
  9. 9 Authentication bypass - Start time
  10. 10 Authentication bypass - Attack P4S
  11. 11 OS command injection
  12. 12 Tamper the SOLMAN Security Report
  13. 13 Recommendations
  14. 14 Conclusion

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.