Posts

Showing posts from 2019

SYBASE ASE - Neatly Display DB/Schema Sizes

when running isql it should have "-w999" ​ isql -Usapsa -S -P -X -w999 ​ after that here are the commands: ​ use master ​ go ​ declare @pagesize numeric(19,0) select @pagesize=(select @@maxpagesize) SELECT "DB Name" = CONVERT(char(15), db_name(D.dbid)),"DB Size MB" = STR(SUM(CASE WHEN U.segmap != 4 THEN U.size*@pagesize/1048576 END),10,1), "Used Data MB" = STR(SUM(CASE WHEN U.segmap != 4 THEN size - curunreservedpgs(U.dbid, U.lstart, U.unreservedpgs)END)*@pagesize/1048576,10,1), "Data Full%" = STR(100 * (1 - 1.0 * SUM(CASE WHEN U.segmap != 4 THEN curunreservedpgs(U.dbid, U.lstart, U.unreservedpgs) END)/SUM(CASE WHEN U.segmap != 4 THEN U.size END)),9,1), "Log Size MB" = STR(SUM(CASE WHEN U.segmap = 4 THEN U.size*@pagesize/1048576 END),10,1), "Free Log MB" = STR(lct_admin("logsegment_freepages",D.dbid)*@pagesize/1048576,10,1), "Log Full%" = STR(1

SAP Backdoors {placeholder Post]

This is a placeholder for future post, on backdooring SAP servers: 1. SAP profile SETENV_xx parameter - if get local access, or SAP level access can cat or echo a line into profile parameter file - concatenated command for SETENV_+xx param 2. Using ABAP program + SM37 - ABAP program to fetch comamnd from a remote server (HTTP-GET ABAP Function Module) - schedule job every 2 minits interval - for that job, set spool recipient to remote attacker email so output can be sent over - Pre-req: SCOT configuration, Auth for SM36, SE38 to be continued.. //alak