Reverse Engineering ABAP Bytecode for Malware Analysis

S/4 HANA is the next generation ERP business suite by SAP. It relies on ABAP as the core programming language. This talk will demonstrate how the ABAP compiler works, how an attacker can inject malicious bytecode, and how a defender can spot tampered business logic by looking at the bytecode.

A toolset supporting the analysis and disassembling of ABAP bytecode will be released together with the talk.

About the Speakers