SAP Security: Compromise Corporate Networks Undetected! #shorts

You can fully compromise the corporate network without even being detected. Um so the SAP killer, you just basically provide the path to the SAP GUI, and then you can specify the connection. And it will automate you a lot of that stuff. So what we do, it looks right now if we are a legitimate user grasping through that SAP system. Which is not worse, but uh SAP GUI is a bit complex to handle, that's why we go that way. So in the background, you see it a bit down there, it's blinking in orange. It runs in the background for us on the SAP GUI. What we can do now, here are some example protocol says just

execute and check if we can execute operating system commands, like who am I? And >> [sighs and gasps] >> yeah, what you guys think? I hope it works. Did it execute anything? I have a demo video that works yes, 2 days ago. Yeah, it's always. Yeah. That didn't help. Uh Let's run it again. There we go. We have the username, which is our service account where the SAP is running on. We could now break for example the operating system again, no EDR usually or AV, so you do not need to be a set up any AV bypass and yeah, you can fully compromise the corporate network without even being detected on a bad day. There are mechanism in place, but the

biggest problem for SAP is not that there is like an exploit. The This is also case especially for Java, but 99% of the attacks against SAP is misconfiguration. Because it's too complex and you can easily mess it up and it sometimes is too annoying to configure it securely.