Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 10:35:21 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1268143585&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Fpapers%2Fgeneral%2Fsniffing_diag.pdf%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1268143585.1338201321.1338201321.1338201321.1%3B%2B__utmz%3D32867617.1338201321.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/79338/sniffing_diag.pdf http://packetstormsecurity.org/files/79338/sniffing_diag.pdf http://packetstormsecurity.org/files/79338/Sniffing-SAP-GUI-Passwords.html Fri, 17 Jul 2009 20:47:08 GMT This paper describes a practical attack against the protocol used by SAP for client server communication. The purpose of this paper is to clarify the fact that the protocol does not sufficiently protect sensitive information like user names and passwords.