Skip links
Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

Enhancing SAP Password Security with RedRays Security Platform

Introduction: Password security is a crucial aspect of ensuring the protection of critical systems, such as ERP systems. Over the past three years, our team has conducted more than 30 security tests, and in 80% of cases, we identified vulnerabilities in password settings. The problem lies not only in the company’s password policy but also in the way passwords are initialized. Most passwords are created based on publicly available data, such as default passwords, company names, usernames, dates of birth, and years.

Our research shows that approximately 80% of users use at least one of these parameters when creating their passwords. In this article, we will introduce the Password Security module for the RedRays Security Platform, which addresses this issue and provides password security monitoring.

Problem: Many companies face security threats due to weak passwords created based on publicly available data. For example, administrators may use default passwords like “Welcome123*,” and users then change them to something similar that complies with the password policy but remains insecure. There are no effective tools for monitoring and detecting such vulnerable passwords in SAP systems, creating security risks for the company.

Solution: The Password Security module for the RedRays Security Platform provides an effective solution for detecting and monitoring password security in SAP systems. This module supports ABAP and Java Stack for systems such as SAP NetWeaver AS ABAP, S/4HANA, SAP NetWeaver AS Java (ASE, Oracle, Microsoft SQL, Hana databases). To get started with the module, you will need to create a network in the Port and Service Scan module, as shown in the video instructions.

After configuring the module, you can choose one of the password hash brute force patterns. Various options are available, including Default SAP Passwords, Top 100, Top 1000, Top 10000, Top 100000, or Custom Option. When selecting the Custom Option, you can specify a word and apply various mutations (Single Password, Years, Special Symbol, 1 Digit, 1 Digit and Special Symbol, 2 Digits, 2 Digit and Special Symbol) to create password variations. For example, if you have the word “SecurePass1” and want to create passwords with 2 digits and a special symbol, you choose the “2 Digits and Special Symbol” option in Custom Option. The scanner will then brute force passwords like:
SecurePass123! SecurePass196# and so on SecurePass189$
This process allows the generation of passwords based on the original word that can be initiated by the users.

Demo #1

Demo #2

The module scans and brute forces password hashes based on your settings and displays the results. To brute force AS Java password hashes, you need to configure the configuration for the AS Java database and specify the dictionary for scanning.

Demo #3:

Conclusion (Summary): The Password Security module for the RedRays Security Platform provides an effective solution to ensure password security in SAP systems. It allows you to detect and monitor weak passwords created based on publicly available data and offers flexible settings for password brute forcing. This tool reduces security vulnerability risks and helps companies protect their critical systems.

More to explorer

SAP Cloud Connector Certificate Validation Issue

Date of Release: February 13, 2024 Advisory ID: CVE-2024-25642 Affected Software: SAP Cloud Connector Versions Affected: 2.15.0 to 2.16.1 Vulnerability Summary:A critical vulnerability,

Protect Your SAP with RedRays Security Platform

Explore the Power of Our Scanner with an Interactive Prototype Below