Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Pwning Oracle EBS for Real Profit

Ekoparty Security Conference via YouTube

Overview

Explore a comprehensive conference talk from Ekoparty Security Conference 2019 that delves into exploiting Oracle E-Business Suite (EBS) for financial gain. Learn about two critical vulnerabilities discovered by security researchers Gaston Traberg and Martin Doyhenard: a Java Deserialization leading to SQL injection and an Arbitrary File Upload allowing OS command execution. Understand how attackers can leverage ERP systems to process fraudulent transactions and generate real cashable checks. Gain insights into the potential risks faced by medium to large organizations using ERP applications for sensitive business operations. Discover the intersection between technical exploitation and insider knowledge of financial systems, and witness a live demonstration of tricking a target system into printing an actual check.

Syllabus

Gaston Traberg & Martin Doyhenard - Pwning Oracle EBS for Real Profit - Ekoparty 2019

Taught by

Ekoparty Security Conference

Reviews

Start your review of Pwning Oracle EBS for Real Profit

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.