What is this Code Version thing?
SAP stores the password hashes of all users in table USR02; the tables USH02 and USRPWDHISTORY hold the history of changed passwords. ABAP systems do not store passwords in plain text; they compute a hash value and store that in the database, so that the password itself cannot be read by someone with direct access to the tables (the hash can still be attacked, as described below).
Over time, to improve security and performance, SAP has implemented several password hashing mechanisms. Each variant is identified by a Code Version (CODVN). The most recent code version is I, but note that I is not stronger than H: it stores the H hash together with the weaker B and F hashes for downward compatibility. The full list is:
CODVN   Description
-----   -----------------------------------------------------------------
A       Obsolete
B       Based on MD5, 8 characters, uppercase, ASCII
C       Not implemented
D       Based on MD5, 8 characters, uppercase, UTF-8
E       Reserved
F       Based on SHA1, 40 characters, case-sensitive, UTF-8
G       Code Version B + Code Version F (2 hashes)
H       Based on SHA1, random salt, 40 characters, case-sensitive, UTF-8
I       Code Version B + Code Version F + Code Version H (3 hashes)
In the tables USR02 and USH02 the password hashes are stored in different fields depending on the CODVN:
-----------------------------------------
CODVN B hashes - BCODE field
CODVN F hashes - PASSCODE field
CODVN G stores both the CODVN B and the CODVN F hash (BCODE and PASSCODE fields)
CODVN H hashes - PWDSALTEDHASH field
CODVN I stores all three: BCODE, PASSCODE and the CODVN H hash in PWDSALTEDHASH
How does this cracking work?
As of SAP NetWeaver 7.0 (ABAP), the system supports a password hashing mechanism that accepts passwords of up to 40 characters, treats them case-sensitively and allows any Unicode character (CODVN F). Older releases accept at most eight characters and convert lowercase letters to uppercase before hashing (CODVN B, D).
These improvements were not backward compatible: the hash values that a 7.0 system stores in USR02 and USH02 cannot be used by older SAP releases or by connected systems that only understand the old format.
If an SAP system works together with other SAP systems that only support the backward-compatible hash values, the profile parameter login/password_downwards_compatibility must be set so that the old hashes are still generated. With downward compatibility enabled, the system computes all possible hash values for each password (CODVN G or I) and uses the old one wherever an older system requires it. The price is that the weak CODVN B hash of every password sits in the database next to the strong one.
In general it should not be possible to recover the plain-text password from a hash value. But the well-known password crackers hashcat and John the Ripper ship with modules for two of the SAP hash algorithms, CODVN B and CODVN F/G (hashcat modes 7700 and 7800).
Suppose the system uses CODVN G, the combination of CODVN B and CODVN F. In CODVN B the hash is computed only over the first eight characters of the password, converted to uppercase, and is salted only with the user name. Cracking the BCODE hash first (MD5, 8 characters, uppercase, ASCII) therefore reveals the uppercased first eight characters of the password. With those in hand we build a dictionary that uses them as prefix, in every combination of upper- and lowercase, followed by all possible remaining characters, and run it against the PASSCODE hash (CODVN F) to recover the rest of the password. The second stage is cheap because the known prefix has removed almost the entire keyspace.
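To make the two-stage search concrete, here is an added Python model of the attack (example code written for this page, not an SAP, hashcat or John implementation). The stand-in functions weak_hash and strong_hash only reproduce the properties the attack exploits: the CODVN B hash covers just the first eight characters, uppercased, with the user name as the only salt, while the CODVN F hash covers the full case-sensitive password. The real CODVN B and F algorithms are different and are deliberately not reproduced here. The user name ADMIN, the password Sapadmin42 and the wordlist are constructed for the demonstration.

```python
import hashlib
import itertools
import string
from typing import Iterable, Iterator, Optional, Tuple


def weak_hash(username: str, password: str) -> str:
    """Stand-in for CODVN B (BCODE): only the first 8 characters survive,
    uppercased, and the only salt is the user name. NOT SAP's real algorithm."""
    prefix = password[:8].upper().encode("ascii", "ignore")
    return hashlib.md5(prefix + username.upper().encode("ascii")).hexdigest().upper()


def strong_hash(username: str, password: str) -> str:
    """Stand-in for CODVN F (PASSCODE): full, case-sensitive password,
    salted with the user name. NOT SAP's real algorithm."""
    data = password.encode("utf-8") + username.upper().encode("ascii")
    return hashlib.sha1(data).hexdigest().upper()


def crack_weak(username: str, target: str, wordlist: Iterable[str]) -> Optional[str]:
    """Stage 1: recover the uppercased 8-character prefix from the BCODE-style
    hash. Because CODVN B only knows 8 uppercase characters, every wordlist
    entry collapses to word[:8].upper(), which keeps this stage's keyspace tiny."""
    seen = set()
    for word in wordlist:
        cand = word[:8].upper()
        if cand in seen:
            continue
        seen.add(cand)
        if weak_hash(username, cand) == target:
            return cand
    return None


def case_variants(prefix: str) -> Iterator[str]:
    """Every upper/lower spelling of the prefix (digits have only one form)."""
    pools = [(c, c.lower()) if c.isalpha() else (c,) for c in prefix]
    for combo in itertools.product(*pools):
        yield "".join(combo)


def crack_strong(username: str, target: str, prefix: str,
                 suffix_charset: str, max_suffix_len: int) -> Optional[str]:
    """Stage 2: the first 8 characters are known up to case, so only the case
    pattern and the characters beyond position 8 remain to be searched."""
    for variant in case_variants(prefix):
        for n in range(max_suffix_len + 1):
            for tail in itertools.product(suffix_charset, repeat=n):
                cand = variant + "".join(tail)
                if strong_hash(username, cand) == target:
                    return cand
    return None


def candidate_count(prefix: str, suffix_charset_size: int, max_suffix_len: int) -> int:
    """Size of the stage-2 search: 2^(letters in prefix) case patterns times
    every suffix of up to max_suffix_len characters."""
    letters = sum(1 for c in prefix if c.isalpha())
    suffixes = sum(suffix_charset_size ** k for k in range(max_suffix_len + 1))
    return (2 ** letters) * suffixes


def demo() -> Tuple[str, Optional[str]]:
    """Constructed victim: user ADMIN, password 'Sapadmin42', stored as
    CODVN G (BCODE + PASSCODE). Returns (recovered prefix, recovered password)."""
    username, password = "ADMIN", "Sapadmin42"
    bcode, passcode = weak_hash(username, password), strong_hash(username, password)

    # Stage 1 with a constructed wordlist; against real BCODE values this is
    # what hashcat -m 7700 does.
    prefix = crack_weak(username, bcode, ["welcome", "sapadmin", "password1"])
    assert prefix is not None

    # Stage 2: 2^8 case patterns x (1 + 36 + 36^2) suffixes = 341,248 candidates,
    # versus 62^10 for a blind search over a 10-character mixed-case password.
    suffix_charset = string.ascii_lowercase + string.digits
    recovered = crack_strong(username, passcode, prefix, suffix_charset, 2)
    return prefix, recovered


if __name__ == "__main__":
    print(demo())
```

The model also shows the limit of the trick: if the password is eight characters or shorter and already uppercase, stage 1 alone yields it, and if the part beyond position 8 is long or drawn from a large character set, stage 2 grows again, which is exactly why password length policies still matter even with CODVN H in place.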
Prevention (see SAP Note 1237762):
- Protect access to the hash values in the tables USR02, USH02 and USRPWDHISTORY.
- Use the most recent password hashing algorithm, see parameter login/password_hash_algorithm (recommended settings in SAP Note 1458262).
- Set parameter login/password_downwards_compatibility = 0 (this can break communication with systems older than 7.0, check carefully before changing it).
- Delete the old hashes that are still stored, see ABAP report CLEANUP_PASSWORD_HASH_VALUES.
- Restrict direct access to the SAP database, both via transaction DBACOCKPIT (SQL prompt) and at operating system level.
- Choose strong passwords and enforce them via the password policy parameters:
  login/min_password_lng
  login/min_password_letters
  login/min_password_digits
  login/min_password_lowercase
  login/min_password_uppercase
  login/min_password_specials
  login/password_max_idle_productive
  login/password_max_idle_initial
  login/password_history_size
  login/password_expiration_time
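As an added example (not part of the original post and not an SAP tool), the following Python script checks the points above against constructed input: a profile excerpt in SAP's "name = value" syntax and a few USR02-style rows. The parameter names and table fields are the ones discussed on this page; the sample values, the 12-character minimum, the 90-day expiry limit, the iSSHA-1 check on login/password_hash_algorithm and the assumption that a cleaned-up BCODE/PASSCODE field is simply blank are choices made for this example and should be adjusted to your own policy.

```python
import re
from typing import Dict, List

# Constructed instance-profile excerpt (SAP syntax: "name = value", '#' starts a
# comment, a later line for the same parameter overrides an earlier one).
# Not taken from a real system.
SAMPLE_PROFILE = """\
# constructed profile excerpt
login/password_hash_algorithm = encoding=RFC2307, algorithm=iSSHA-1, iterations=1024, saltsize=96
login/password_downwards_compatibility = 1
login/min_password_lng = 6
login/min_password_lng = 8          # later line wins
login/password_expiration_time = 0
"""

# Constructed USR02-style rows; the hash values are placeholders, not real hashes.
SAMPLE_USR02: List[Dict[str, str]] = [
    {"BNAME": "ADMIN", "CODVN": "I", "BCODE": "0123456789ABCDEF",
     "PASSCODE": "0" * 40, "PWDSALTEDHASH": "{x-issha, 1024}placeholder"},
    {"BNAME": "DDIC", "CODVN": "H", "BCODE": "", "PASSCODE": "",
     "PWDSALTEDHASH": "{x-issha, 1024}placeholder"},
    {"BNAME": "LEGACY_RFC", "CODVN": "B", "BCODE": "FEDCBA9876543210",
     "PASSCODE": "", "PWDSALTEDHASH": ""},
    {"BNAME": "JDOE", "CODVN": "G", "BCODE": "0123456789ABCDEF",
     "PASSCODE": "F" * 40, "PWDSALTEDHASH": ""},
]

COMPLEXITY_PARAMS = ("login/min_password_letters", "login/min_password_digits",
                     "login/min_password_lowercase", "login/min_password_uppercase",
                     "login/min_password_specials")


def parse_profile(text: str) -> Dict[str, str]:
    """Parse profile lines; values may themselves contain '=' (hash_algorithm)."""
    params: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if "=" not in line:
            continue
        name, value = line.split("=", 1)
        params[name.strip()] = value.strip()
    return params


def _int(params: Dict[str, str], name: str, default: int) -> int:
    try:
        return int(params.get(name, default))
    except ValueError:
        return default


def audit_profile(params: Dict[str, str], min_len: int = 12,
                  max_expiry_days: int = 90) -> List[str]:
    """Check the login/* parameters named in the text. Thresholds are example values."""
    findings: List[str] = []
    algo = params.get("login/password_hash_algorithm", "")
    iters = re.search(r"iterations\s*=\s*(\d+)", algo)
    if "iSSHA-1" not in algo or iters is None or int(iters.group(1)) < 1024:
        findings.append("login/password_hash_algorithm: not the salted iSSHA-1 (CODVN H) "
                        "form with at least 1024 iterations")
    # Assumption: an absent parameter means SAP's shipped default of 1, i.e. enabled.
    if params.get("login/password_downwards_compatibility", "1") != "0":
        findings.append("login/password_downwards_compatibility: not 0, so crackable "
                        "BCODE/PASSCODE hashes are still generated")
    if _int(params, "login/min_password_lng", 6) < min_len:
        findings.append(f"login/min_password_lng: below the example minimum of {min_len}")
    expiry = _int(params, "login/password_expiration_time", 0)
    if expiry == 0 or expiry > max_expiry_days:
        findings.append("login/password_expiration_time: 0 (never expires) or above "
                        f"the example limit of {max_expiry_days} days")
    missing = [p for p in COMPLEXITY_PARAMS if _int(params, p, 0) < 1]
    if missing:
        findings.append("no complexity requirement set for: " + ", ".join(missing))
    return findings


def audit_usr02(rows: List[Dict[str, str]]) -> List[str]:
    """Users without a salted hash need a new password; users that still carry
    BCODE/PASSCODE next to PWDSALTEDHASH are cleanup candidates."""
    findings: List[str] = []
    for r in rows:
        old = [f for f in ("BCODE", "PASSCODE") if r.get(f, "").strip()]
        if not r.get("PWDSALTEDHASH", "").strip():
            findings.append(f"{r['BNAME']}: CODVN {r['CODVN']} without a salted hash; "
                            "one is only produced when the password is next entered or reset")
        elif old:
            findings.append(f"{r['BNAME']}: CODVN {r['CODVN']} still stores {'/'.join(old)}; "
                            "candidate for CLEANUP_PASSWORD_HASH_VALUES")
    return findings


if __name__ == "__main__":
    for line in audit_profile(parse_profile(SAMPLE_PROFILE)) + audit_usr02(SAMPLE_USR02):
        print(line)
```

On a real system the USR02 rows would come from a read-only database user or from SE16 with the access restrictions above in place; the script is deliberately fed constructed rows so that it runs offline.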
Reference:
SAP Note 1237762 - ABAP systems: Protection against password hash attacks
SAP Note 1458262 - ABAP: recommended settings for password hash algorithms
SAP Note 862989 - New password rules as of SAP NetWeaver 2004s (NW ABAP 7.0)
http://www.daniel-berlin.de/