Utility to test users and passwords with RfcOpenEx on SAP systems. Now deprecated in favor of THC Hydra.
1946d7911a05a58e4cf9b1d70b1079af14fb8417e1bdb2b35075b7435c397425#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include "saprfc.h"
char version[5] = "0.3";
static void help( void );
RFC_ERROR_INFO_EX error_info;
main( int argc, char ** argv )
{
RFC_HANDLE handle;
char * exception_ptr = NULL,
* ptr,
* pa,
* pb,
pm_buf[257],
connect_param[1024];
int i, j, len,
params_found = 0;
/* -----------------------------------------------
* Put parameters from command to RfcOpenEx-Param.
* ---------------------------------------------*/
memset(connect_param, 0, sizeof(connect_param));
ptr = connect_param;
for (i=1; i<argc; i++)
{
len = strlen(argv[i]);
/* Check syntax of connection parameters */
pa = (char*)memchr(argv[i], '=', len);
if (pa == NULL)
{
help();
return 1;
}
/* Values which include blanks must be set in "..." */
pb = (char*)memchr(argv[i], ' ', len);
if (pb == NULL)
strcpy(pm_buf, argv[i]);
else
{
memset(pm_buf, 0, sizeof(pm_buf));
pa = pa + 1;
len = pa - argv[i];
memcpy(pm_buf, argv[i], len);
pm_buf[len] = '"';
strcpy(pm_buf+len+1, pa);
pm_buf[strlen(pm_buf)] = '"';
}
/* Make an upper-case string */
for (j=0; j<(int) strlen(pm_buf); j++)
pm_buf[j] = (char) toupper(pm_buf[j]);
/* Copy into connect_param of RfcOpenEx */
/* printf("Current : %s\n", pm_buf); */
strcpy(ptr, pm_buf);
ptr = ptr + strlen(ptr);
*ptr++ = ' ';
/* Check for needed args */
if (memcmp(argv[i], "CLIENT=", 7) == 0)
params_found++;
else if (memcmp(argv[i], "USER=", 5) == 0)
params_found++;
else if (memcmp(argv[i], "PASSWD=", 7) == 0)
params_found++;
else if (memcmp(argv[i], "ASHOST=", 7) == 0)
params_found++;
else if (memcmp(argv[i], "SYSNR=", 6) == 0)
params_found++;
}
/* Scream if we do not have the right args */
if (params_found != 5) {
printf("Waiting 5 args, received %d\n", params_found);
help();
}
/* Of course, do a logon check at OPEN time ! */
/* CHECKME : I wonder if a value of zero is neccesary to disable account locking */
strcpy(connect_param+strlen(connect_param), "LCHECK=1 ");
/* Add the ABAP_DEBUG=0 flag */
/* If set to 1, SAPGUI would automaticaly start, and we want to avoid this */
strcpy(connect_param+strlen(connect_param), "ABAP_DEBUG=0 ");
/* Use the FR language */
strcpy(connect_param+strlen(connect_param), "LANG=FR ");
/* Don't use SAPGUI */
/* We really don't want SAPGUI */
strcpy(connect_param+strlen(connect_param), "USE_SAPGUI=0 ");
/* For debugging */
printf("Connextion string : \n%s\n", connect_param);
/* Open connection */
handle = RfcOpenEx(connect_param, &error_info);
if (handle == RFC_HANDLE_NULL) {
if (error_info.group == 103) {
printf("[!] Logon failure\n");
} else if (error_info.group == 102) {
printf("[!] Network problem\n");
} else {
printf("[!] Strange error : %d -- %s\n", error_info.group, error_info.key);
}
exit(1);
} else {
/* Bingo : a valid combo ! */
printf("Bingo :\n%s\n", connect_param);
RfcClose( handle );
exit(1);
} /* main */
static void help( void )
{
printf("Version %s\n", version);
printf("Usage : ./saplogcheck ASHOST=10.0.0.2 SYSNR=00 USER=SAP* PASSWD=PASS CLIENT=100\n");
exit(1);
}
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed