SAP Backdoors {placeholder Post]

-
This is a placeholder for future post, on backdooring SAP servers:

1. SAP profile SETENV_xx parameter
- if get local access, or SAP level access can cat or echo a line into profile parameter file
- concatenated command for SETENV_+xx param

2. Using ABAP program + SM37
- ABAP program to fetch comamnd from a remote server (HTTP-GET ABAP Function Module)
- schedule job every 2 minits interval
- for that job, set spool recipient to remote attacker email so output can be sent over
- Pre-req: SCOT configuration, Auth for SM36, SE38

to be continued..

//alak

Comments

  1. Jimmy CarterAugust 23, 2021 at 10:07 PM

    Really appreciate this wonderful as we have seen here. This is a great source to enhance knowledge for us. Thankful to you for sharing an article like this. SAP PDF training handbooks ebooks

    ReplyDelete
  2. aaronnssdSeptember 22, 2021 at 2:08 AM

    The content you've posted here is fantastic because it provides some excellent information that will be quite beneficial to me. Thank you for sharing take SAP ebook pdf. Keep up the good work.

    ReplyDelete

Post a Comment

Popular posts from this blog

SAP: Segregate Different SMTP Mail Server Based on Sender Domain

-
Image
  Requirement : An SAP server, with a single Productive client shared by multiple company codes. Each CoCode would have their own domain (FQDN), and any email send out, for example PO to vendors, are to be sent using each individual CoCode SMTP mail server. Solution Steps: 1. Configure multiple SMTP nodes in Tx SCOT, limiting each node with a Sender Group 2. Set different Sender Group (CDG) parameters for each user of each CoCode (Tx SU01 > Parameters) 3. Test using SCOT's Routing Test feature 4. Profit Detail Step: Logon to SAP system and configure multiple SMTP Node, can use  Continue with SCOT Wizard. Once you get multiple Nodes (as per below screenshot), double click any of them,  In this example, we double click on the "SECOND" node. And then click on "Set" button for the address type you want to configure (that would most probably be for INT type) And click the Pencil icon for setting the Sender Group Here we can set based on FQDN or any string. We are ...
Read more

SAP Client Copy Error: Errors occurred during export of container object FINB-TR-DERIVATION

-
 Reference from: https://www.consultoria-sap.com/2010/03/client-copy-derivation-rule-tables-are.html TL;DR - Execute report ABADRCHECK with selected 'DELSTEPS' //alak ==== Client copy is completed with status "Post-Processing Required". There is an error in log for object FINB-TR-DERIVATION: DA300 "No active nametab exists for *some db table*" Name of db table is usually with naming convention: xxyyyysssmmmnnnn (xx - application class, yyyy - strategy ID, sss - system indicator, mmm - client, nnnn - sequence number) These db tables are part of some instance of derivation tool in your system and are used to store Derivation Rule Values. Other terms ABADR, FINB_TR_CC_EXIT, FINB_TR_CC_EXIT_TARGET, DA 300, DA300, CC, SCC9, SCCL, SCC3 Reason and Prerequisites During processing CC there was huge workload into your system. CC processcreates new tables to store copied derivation rules. This is done in parallel asynchronous process. But due to workload into system, t...
Read more

Quick Dirty Script for Checking Oracle Data Gurad Gap and Emailing it

-
 Situation: primary DB: prd_CCC standby DB: prd_WWW file 1: gap-check.bat @echo off cls echo. echo. echo This script checks for Archive Logs at prd_ccc and Applied Logs at prd_www echo. echo Querying prd_ccc (Primary) echo select max(sequence#) "Primary" from v$archived_log where archived='YES';|sqlplus -s / as sysdba echo Querying prd_www (Standby) echo select max(sequence#) "Standby" from v$archived_log where applied='YES';|sqlplus -s / as sysdba echo. DGMGRL / "show configuration" date /t && time /t && hostname && whoami file 2: emailer.ps1 $Username      = "username" $EmailPassword = "password" $today = Get-Date $Username = $Username $EmailTo = "adam@jasabyte.com"  $EmailFrom = "server@jasabyte.com" $Body = Get-Content .\status.log -Raw $Subject = "PRIMARY/STANDBY DB GAP - $today" $SMTPServer = "mail.smtp2go.com"  $SMTPMessage = New-Object System.Net.Mai...
Read more