Hash Cracking och SAP-landskapet

Introduction to Hash Cracking

Hashing is a one-way encryption method used to ensure data integrity, authenticate information, secure passwords, and other sensitive information. Hash functions transform data into a fixed-size string of characters  that are  uniform and deterministic, making it a great option for maintaining data security.

One of the main features in relation to password storage is that the results are one-way, this means that it is possible to obtain the same result with the same input data, but can’t calculate the input data knowing the result, which allows validating user credentials without knowing the original data.

Sometimes, as security professionals, we need to perform password cracking which is basically “recover” the plaintext value, to identify users with weak passwords, hijack other users accounts to elevate privileges to mention some use cases of this technique.

This blog will provide background on how SAP stores passwords and cracking tools that can be used to perform tests.

Link to blog