I hacked the @SAP AI platform by changing my UID to 1337.
…Yeah, really.
This led to admin permissions on several SAP systems, but also access to customers’ secrets and private AI files 👀
This is the story of #SAPwned 🧵⬇️
SAP AI Core allowed me to run AI training procedures – but with heavy restrictions.
🚫 I couldn’t run as root
🚫 Interesting permissions were removed
🚫 Access to the internal network was blocked by an @IstioMesh firewall
So I wondered – how does this firewall actually work?
Sep 18, 2023 • 6 tweets • 2 min read
We found a public AI repo on GitHub, exposing over 38TB of private files – including personal computer backups of @Microsoft employees 👨💻
How did it happen? 👀
A single misconfigured token in @Azure Storage is all it takes 🧵⬇️
Microsoft’s AI research team published open-source training data using “SAS tokens” – sharable links granting access to Azure Storage data.
Only instead of limiting access to specific files, the token granted access to the ENTIRE account, including *18* storage containers 🤯
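The thread above turns on the difference between a SAS token scoped to a few blobs and one scoped to the whole storage account. The following is an added example, not code from the thread or from Wiz: it reads the scope of an Azure Storage SAS token straight from its query parameters (`ss`/`srt` for an account SAS, `sr` for a service SAS, `sp` for permissions, `se` for expiry) and flags the account-wide, writable or long-lived cases. The sample URLs, account name and `sig` values are constructed; the signature is not verified here, only the scope the token claims.

```python
"""Added example: classify the reach of an Azure Storage SAS token from its
query string.  The HMAC in `sig` is not checked; the sample URLs below are
constructed and carry a placeholder signature.
"""
from datetime import datetime, timedelta, timezone
from typing import Optional
from urllib.parse import parse_qs, urlparse

# Account SAS: `ss` lists signed services, `srt` lists signed resource types.
SERVICES = {"b": "blob", "q": "queue", "t": "table", "f": "file"}
RESOURCE_TYPES = {"s": "service", "c": "container", "o": "object"}
# Service SAS: `sr` names the single resource the URL path points at.
RESOURCES = {"b": "blob", "c": "container", "d": "directory", "s": "share", "f": "file"}
# Permission letters that let the holder change or remove data.
WRITE_PERMS = set("wdacup")
MAX_LIFETIME_DAYS = 365


def _parse_expiry(value: str) -> Optional[datetime]:
    """Parse the ISO 8601 `se` value; Azure writes a trailing Z for UTC."""
    if not value:
        return None
    expiry = datetime.fromisoformat(value.replace("Z", "+00:00"))
    if expiry.tzinfo is None:          # date-only form such as 2023-10-01
        expiry = expiry.replace(tzinfo=timezone.utc)
    return expiry


def classify_sas(url: str, now: Optional[datetime] = None) -> dict:
    parsed = urlparse(url)
    p = {k: v[0] for k, v in parse_qs(parsed.query).items()}
    now = now or datetime.now(timezone.utc)
    perms = set(p.get("sp", ""))
    findings = []

    if "ss" in p or "srt" in p:
        # Account SAS: every service in ss, at every level named in srt.
        kind = "account"
        scope = {
            "services": [SERVICES.get(c, c) for c in p.get("ss", "")],
            "resource_types": [RESOURCE_TYPES.get(c, c) for c in p.get("srt", "")],
        }
        if {"c", "o"} <= set(p.get("srt", "")):
            findings.append("account-wide: can enumerate every container and read every object")
    else:
        # Service SAS: only the resource in the URL path, of the type in sr.
        kind = "service"
        scope = {"resource": RESOURCES.get(p.get("sr", ""), p.get("sr", "")), "path": parsed.path}

    writes = perms & WRITE_PERMS
    if writes:
        findings.append("grants write/delete permissions: " + "".join(sorted(writes)))

    expiry = _parse_expiry(p.get("se", ""))
    if expiry is None:
        findings.append("no expiry (se) in token")
    elif expiry - now > timedelta(days=MAX_LIFETIME_DAYS):
        findings.append(f"long-lived: expires {expiry.date()}")

    if any(f.startswith("account-wide") for f in findings):
        severity = "high"
    elif findings:
        severity = "medium"
    else:
        severity = "ok"
    return {
        "kind": kind,
        "scope": scope,
        "permissions": "".join(sorted(perms)),
        "findings": findings,
        "severity": severity,
    }


# Constructed samples: an account SAS over all services and resource types
# with read/write/delete/list rights for decades, and a read-only service SAS
# for a single blob that expires within months.
ACCOUNT_WIDE_URL = (
    "https://example.blob.core.windows.net/"
    "?sv=2021-06-08&ss=bqtf&srt=sco&sp=rwdlacup&se=2051-10-06T15:22:09Z&sig=PLACEHOLDER"
)
SINGLE_BLOB_URL = (
    "https://example.blob.core.windows.net/models/weights.bin"
    "?sv=2021-06-08&sr=b&sp=r&se=2024-01-01T00:00:00Z&sig=PLACEHOLDER"
)

if __name__ == "__main__":
    for url in (ACCOUNT_WIDE_URL, SINGLE_BLOB_URL):
        print(classify_sas(url, now=datetime(2023, 9, 18, tzinfo=timezone.utc)))
```

Run it over any SAS URLs found in repositories, READMEs or CI logs; a `severity` of `high` is the pattern described above, where a link meant to share training data is in fact a key to the entire account.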
Mar 29, 2023 • 12 tweets • 6 min read
I hacked into a @bing CMS that allowed me to alter search results and take over millions of @Office365 accounts.
How did I do it? Well, it all started with a simple click in @Azure… 👀
This is the story of #BingBang 🧵⬇️
My research started when our Research Team at @wiz_io first noticed a strange configuration in Azure. A single checkbox is all that separates an app from becoming “multi-tenant” – which, by default, allows ALL USERS to log in.
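A multi-tenant app, as described above, receives valid tokens for users from any Azure AD tenant; whether those users should be let in is the application's decision. The following is an added example, not code from the thread or from the application it describes: it takes the claims of an already signature-verified token and accepts it only when the `tid` claim is on an allowlist and the `iss` claim agrees with that tenant. The tenant IDs and the token are constructed for the demonstration, and signature verification is assumed to have been done by the JWT library beforehand.

```python
"""Added example: per-tenant authorization for an Azure AD multi-tenant app.
Signature verification is NOT done here; call this only on claims your JWT
library has already verified.  Tenant IDs and tokens below are constructed.
"""
import base64
import json
from typing import Iterable, Tuple

# Issuer formats Azure AD uses for v1 and v2 tokens; {tid} is the tenant ID.
V1_ISSUER = "https://sts.windows.net/{tid}/"
V2_ISSUER = "https://login.microsoftonline.com/{tid}/v2.0"

# Constructed tenant IDs (not real tenants).
OUR_TENANT = "11111111-1111-1111-1111-111111111111"
OTHER_TENANT = "22222222-2222-2222-2222-222222222222"


def decode_claims(token: str) -> dict:
    """Return the payload of a JWT without checking its signature."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)          # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def authorize_tenant(claims: dict, allowed_tenants: Iterable[str]) -> Tuple[bool, str]:
    """Decide whether a (verified) token's tenant may use this app.

    A multi-tenant registration means Azure AD will sign tokens for users of
    every tenant; this is the check the app itself has to add.
    """
    tid = claims.get("tid")
    iss = claims.get("iss")
    if not tid:
        return False, "token has no tid claim"
    # The issuer must be the authority for that same tenant.
    if iss not in (V1_ISSUER.format(tid=tid), V2_ISSUER.format(tid=tid)):
        return False, f"issuer {iss!r} does not match tenant {tid}"
    if tid not in set(allowed_tenants):
        return False, f"tenant {tid} is not allowed"
    return True, "ok"


def make_demo_token(claims: dict) -> str:
    """Build a JWT-shaped string with a placeholder signature (demo only)."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    header = {"alg": "RS256", "typ": "JWT"}
    return f"{enc(header)}.{enc(claims)}.PLACEHOLDER-SIGNATURE"


def check_token(token: str, allowed_tenants: Iterable[str]) -> Tuple[bool, str]:
    return authorize_tenant(decode_claims(token), allowed_tenants)


if __name__ == "__main__":
    foreign = make_demo_token({"tid": OTHER_TENANT, "iss": V2_ISSUER.format(tid=OTHER_TENANT),
                               "sub": "attacker"})
    own = make_demo_token({"tid": OUR_TENANT, "iss": V2_ISSUER.format(tid=OUR_TENANT),
                           "sub": "employee"})
    print(check_token(foreign, {OUR_TENANT}))
    print(check_token(own, {OUR_TENANT}))
```

The checkbox described above changes who Azure AD will issue tokens for; it does not change what the app accepts. Without a check like `authorize_tenant`, a signed token from any tenant passes.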