Assessing the security of SAP ecosystems with bizploit: The SAP Management Console

The SAP Management Console (SAP MC) is the centralized system management component. It allows you to monitor and control each SAP instance, display log and trace files, profiles and other parameters. You can also monitor system alerts and deep information about memory usage and processes in the system (e.g. Java VM® garbage collection and heap memory).

In this post, we will be running bizploit modules, if you are not familiar with the bizploit framework, consider reading this introductory post.

MC Assessment #1: Getting Password Policies

As seen in the figure below it is possible to run the mcParameterValue exploit in order to retrieve all profile parameters. Keep in mind that, to figure out the vulnerability id, you should list all the exploits under the exploit option and check the Exploitable Vulnerabilities column for the mcParameterValue row.  We’ll use this module in order to discover the SAP password policies being used.

Getting all profile parameters - Bizploit

Getting all profile parameters with Bizploit.

In order to look for the Password Policy parameters among the 1600 profile parameters we need to find those starting with login/. We open the file saved by Bizploit and the parameters can be found there. Below we list some of the retrieved Password Policy parameters:

Continue reading

Share Button