The SAP Management Console (SAP MC) is the centralized system management component. It allows you to monitor and control each SAP instance and to display log and trace files, profiles and other parameters. You can also monitor system alerts and view detailed information about memory usage and processes in the system (e.g. Java VM® garbage collection and heap memory).
In this post, we will be running bizploit modules. If you are not familiar with the bizploit framework, consider reading this introductory post.
MC Assessment #1: Getting Password Policies
As seen in the figure below, it is possible to run the mcParameterValue exploit in order to retrieve all profile parameters. Keep in mind that, to figure out the vulnerability ID, you should list all the exploits under the exploit option and check the Exploitable Vulnerabilities column for the mcParameterValue row. We’ll use this module to discover the SAP password policies in use.
To find the Password Policy parameters among the 1600 profile parameters, we need to look for those starting with login/. We open the file saved by Bizploit and the parameters can be found there. Below we list some of the retrieved Password Policy parameters:
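For reviewing the result from the defensive side, the following added example (not part of the original post and not Bizploit code) filters a parameter dump for the login/ prefix and flags values weaker than a baseline. The "name = value" file layout, the constructed sample values and the baseline thresholds are all assumptions; adjust them to the actual file and to your own policy.

```python
import re

# Constructed sample in an assumed "name = value" layout, one parameter per line.
SAMPLE = """\
rdisp/wp_no_dia = 10
login/min_password_lng = 6
login/min_password_digits = 0
login/fails_to_user_lock = 12
login/password_expiration_time = 0
login/no_automatic_user_sapstar = 0
login/password_history_size = 5
icm/server_port_0 = PROT=HTTP,PORT=8000
"""

# Illustrative baseline (an assumption): parameter -> (check, expected value text).
BASELINE = {
    "login/min_password_lng": (lambda v: v >= 8, ">= 8"),
    "login/min_password_digits": (lambda v: v >= 1, ">= 1"),
    "login/fails_to_user_lock": (lambda v: 1 <= v <= 5, "1..5"),
    "login/password_expiration_time": (lambda v: 1 <= v <= 90, "1..90 days"),
    "login/no_automatic_user_sapstar": (lambda v: v == 1, "1"),
    "login/password_history_size": (lambda v: v >= 5, ">= 5"),
}

LINE = re.compile(r"^\s*([\w/.\-]+)\s*=\s*(.*?)\s*$")

def login_parameters(text):
    """Return {name: value} for every parameter whose name starts with login/."""
    params = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if m and m.group(1).startswith("login/"):
            params[m.group(1)] = m.group(2)
    return params

def audit(params):
    """Return sorted (name, value, expected) findings for baseline violations."""
    findings = []
    for name, (ok, expected) in BASELINE.items():
        value = params.get(name)
        if value is None:
            findings.append((name, "<missing>", expected))
        elif not value.isdigit() or not ok(int(value)):
            findings.append((name, value, expected))
    return sorted(findings)

if __name__ == "__main__":
    for name, value, expected in audit(login_parameters(SAMPLE)):
        print(f"{name} = {value} (expected {expected})")
```

A parameter missing from the dump is reported rather than silently passed, since an absent value means the policy could not be verified from this file.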