SAP Databases
This section covers SAP databases and the database software used by SAP, such as SAP HANA and SAP ASE.
The HANA Database SQL client port of the system's index server provides access to the SQL/MDX functionality of the database via JDBC/ODBC. Database clients for administration and development need access to this service. Communication can be encrypted by configuring TLS. Wide exposure of administrative database services comes with inherent risks. Specifically, weak passwords, insufficient TLS configuration, and insufficient hardening and patching of the HANA system can expose an attack surface for various exploit scenarios.
- Port: 30015
- Scan for SAP HANA ports
nmap -sV -R -p30015 -Pn <Target Address(es)/Domain Name>
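- Scan all potential ports using the Nmap ERPScan service probes (run from the directory that contains the probes file, since `--datadir .` points Nmap at the current directory)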
nmap -sSVC -n -Pn -p30015 --datadir . <Target Address(es)/Domain Name>
SAP ASE (Adaptive Server Enterprise) is a high-performance relational database management system designed for handling large-scale transaction processing in enterprise environments. Originally developed by Sybase and later acquired by SAP, it is used in industries like finance and telecommunications for managing critical data. SAP ASE uses encrypted communication by default. Wide exposure of administrative database services comes with inherent risks. Specifically, weak passwords and insufficient hardening and patching of the ASE system can expose an attack surface for various exploit scenarios.
- Portrange: 4901-4999
- Default Ports:
  - 4901 (Dataserver)
  - 4902 (Backup Server)
  - 4903 (Job Scheduler)
At the time of writing the section, Shodan does not scan ports that are used by this service. Therefore, no information/queries are available.
protocol=="ase-adaptive" or protocol=="ase-backup"
- Scan for SAP ASE Dataserver & Backup Server ports
nmap -sV -R -p4901-4999 -Pn <Target Address(es)/Domain Name>
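- Scan all potential ports using the Nmap ERPScan service probes (run from the directory that contains the probes file, since `--datadir .` points Nmap at the current directory)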
nmap -sSVC -n -Pn -p4901-4999 --datadir . <Target Address(es)/Domain Name>
- Dataserver discovery
Replace <Target Address/Domain Name> with the IP address or domain name. Alternatively, specify a list of domains/IP addresses using option -l
nuclei -t nuclei-sap-templates/sap_ase/sap-ase-dataserver-detect.yaml -u <Target Address/Domain Name>
- Backup Server discovery
Replace <Target Address/Domain Name> with the IP address or domain name. Alternatively, specify a list of domains/IP addresses using option -l
nuclei -t nuclei-sap-templates/sap_ase/sap-ase-backupserver-detect.yaml -u <Target Address/Domain Name>
By default, SAP ASE exposes three ports for its services. The Dataserver port is used for client connections to the database, the Backup Server port is used for backup and restore operations, and the Job Scheduler port is used for scheduling jobs. The ports are configurable and can be changed by the administrator. The default ports are 4901, 4902, and 4903 respectively.
Only the Dataserver and Backup Server ports accept connections from external clients. The Job Scheduler port is used for internal communication between the Job Scheduler and the Dataserver. The Job Scheduler port does not accept communication from external clients.
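A host-side check of the port roles described above, as an added example that is not part of the original page: it reads `ss -ltn` output from a database host and reports which SAP database listeners are bound to non-loopback addresses. The sample output is constructed, and treating a network-bound Job Scheduler port as a review item is a policy assumed by this example.

```python
import ipaddress

# Port roles as listed on this page. ASE ports are configurable, so the
# whole 4901-4999 range is treated as potentially ASE.
ROLES = {4901: "ASE Dataserver", 4902: "ASE Backup Server",
         4903: "ASE Job Scheduler", 30015: "HANA SQL client"}
INTERNAL_ONLY = {4903}  # Job Scheduler: internal communication only

# Constructed sample of `ss -ltn` output from a hypothetical database host.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:4901       0.0.0.0:*
LISTEN 0      128    10.20.0.5:4902     0.0.0.0:*
LISTEN 0      128    [::]:4903          [::]:*
LISTEN 0      128    127.0.0.1:4950     0.0.0.0:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    *:30015            *:*
"""

def is_loopback(addr):
    """True if the bind address is loopback; wildcard binds are not."""
    addr = addr.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface
    if addr in ("*", ""):
        return False
    return ipaddress.ip_address(addr).is_loopback

def audit_listeners(ss_output):
    """Return (port, role, bind address, finding) for SAP database listeners."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header or non-listening socket
        addr, _, port = fields[3].rpartition(":")
        port = int(port)
        if port not in ROLES and not 4901 <= port <= 4999:
            continue  # not a port this page associates with HANA or ASE
        role = ROLES.get(port, "ASE port range (non-default)")
        if is_loopback(addr):
            finding = "ok: loopback only"
        elif port in INTERNAL_ONLY:
            finding = "review: internal-only service bound to network address"
        else:
            finding = "review: restrict source addresses at the firewall"
        findings.append((port, role, addr, finding))
    return findings

if __name__ == "__main__":
    for row in audit_listeners(SAMPLE_SS):
        print("%-6d %-30s %-12s %s" % row)
```

On a live host, pass the text of `ss -ltn` to `audit_listeners()` instead of `SAMPLE_SS`.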