03-02-2012 10:41 AM
Hallo I have a problem.
I have an RFC in transaction SM59 that contains a user/pass to connect to another system and it works.
I need that password and I don't know how to retrieve it!
Is there a way to hack this?
I don't like to reset it because I am not sure if there are other systems that use the user/password
Could you help me?
Thanks
03-02-2012 11:53 AM
Hi,
I hope there is no easy way to decrypt these passwords because that would be a huge security hole.
If you forgot a password, reinitialize it in the other system and reenter it in SM59.
Regards,
Olivier
03-02-2012 11:53 AM
Hi,
I hope there is no easy way to decrypt these passwords because that would be a huge security hole.
If you forgot a password, reinitialize it in the other system and reenter it in SM59.
Regards,
Olivier
03-02-2012 1:48 PM
03-02-2012 5:44 PM
This is possible if the systems do not force SNC for the transmission protocol, but not worth the hassle really as it is a pain to reverse engineer the client side storage (SM59) and tools to decode the traffic are not widely in circulation yet (although there is even a free plugin for wireshark if you are allowed to use such tools on the networks there...).
Correct approach is you should fix the user cardinality in the connections. So monitor where the logins of this user are coming from and reset them all as a workaround --> then create a dedicated user for each source connection. That way you can generate the password and no one except the secure storage area needs to know what it is (at runtime).
Cheers,
Julius
03-05-2012 1:33 PM