![](https://ccweb.imgix.net/https%3A%2F%2Fwww.classcentral.com%2Fimages%2Ficon-black-friday.png?auto=format&ixlib=php-4.1.0&s=fe56b83c82babb2f8fce47a2aed2f85d)
Overview
![](https://ccweb.imgix.net/https%3A%2F%2Fwww.classcentral.com%2Fimages%2Ficon-black-friday.png?auto=format&ixlib=php-4.1.0&s=fe56b83c82babb2f8fce47a2aed2f85d)
Syllabus
Intro
2 ERP Scan
Enterprise applications: Definitions
Business-critical systems architecture
Secure corporate network
Corporate network attack scenario
SSRF History: Basics
SSRF history: World research
Trusted SSRF: Oracle Database
SSRF Types: SAP
Remote SSRF: Subtypes
Simple Remote SSRF: Login bruteforce
XXE Attacks on other services
Full Remote SSRF
Remote SSRF threats
XXE Tunneling to Verb Tampering
XXE Tunneling to Buffer Overflow (Hint 2)
XXE Tunneling to Buffer Overflow: Packet B
XXE Tunneling to Buffer Overflow (Hint 3)
XXE Tunneling to Rsh
Bypass SAP security restrictions
SAP Gateway server security bypass: Exploit
SAP Message Server security bypass
Oracle DB security bypass
Conclusion?
Purpose
How is it working?
Few steps
Action: Test
Action: Scan
Action: Attack
DEMO
Taught by
Black Hat