Article

Cracking SAP password – Introduction

16-01-2015

Introduction

In this article, we will discuss about how to efficiently crack the users passwords of a SAP system. First thing first, we will take a look on where to find the hashes on the database, that is in which tables we can find the hashes, then we’ll take a look on the transactions we can use to query only the data we effectively need. Finally, we will describe various methods, in a step-by-step fashion, to maximize the number of cracked passwords so we can enter into the SAP system even with administrator privileges.

We will begin with a brief description on SAP systems, and then we will proceed cracking the passwords of a SAP portal.

SAP is one of the largest ISV (Independent Software Vendor) in the world and it is the world leader in enterprise applications in terms of software and software-related service revenue. In 2013, SAP placed themselves in third place in Forbes’s annual world ranking based on sales, profit, assets and market value.

SAP is primarily known for its Enterprises Resource Planning (ERP) products but it also developed various products such as SAP Business Warehouse (SAP BW), SAP Process Integration (SAP PI) and many others. We can safely say that SAP handles all the critical business processes of its customers, which includes sales, purchasing, supply management, and financial aspects processes.

It is rather clear that, by compromising a SAP system, you strike a blow in the focal point of a company’s business, exactly in the place where you will expect the cash to flow so it is vital, to avoid unauthorized access, that a SAP system has very strong passwords policies.

SAP Application Server are composed of two elements, that is: ABAP and JAVA. We’ll take a closer look at ABAP systems first, describing methods to crack passwords, how to retrieve them from the database, the tools used for the cracking process, the rules and the wordlists that will aid us in our quest to crack the maximum amount of passwords. Then we will take a good look on the JAVA Application Server and, of course, how to proceed in order to successfully crack the passwords.

Cracking SAP password saga

1. Introduction
2. ABAP Algorithms – BCODE and PASSCODE
3. How to retrieve hashes from a SAP ABAP System
4. The Wordlist
5. Cracking BCODE
6. Cracking PASSCODE
7. How to retrieve hashes from SAP Portal JAVA Application
8. Conclusions

Co-Author: Panfilo Salutari

L'hai trovato interessante?