Title: SAP Download Manager Password Weak Encryption

Vulnerability Information
Class: Storing Passwords in a Recoverable Format
CVE Name: CVE-2016-3685, CVE-2016-3684

Vulnerability Description
An attacker who manages to get access to a user's configuration file might be able to obtain the stored proxy password.

Vulnerable Packages
Other products and versions might be affected, but they were not tested.

Vendor Information, Solutions and Workarounds
SAP published the following Security Note: It can be accessed by SAP clients in their Support Portal. An updated version of SAP Download Manager can be found on their website.

Credits
This vulnerability was discovered and researched by Martin Gallo from Core Security Consulting Services. The publication of this advisory was coordinated by Joaquín Rodríguez Varela from Core Advisories Team.

Technical Description / Proof of Concept Code
SAP Download Manager is a Java application offered by SAP that allows downloading software packages and support notes. This program stores the user's settings in a configuration file. Configuration settings are stored in a Java HashMap object, which is serialized using Java's standard serialization mechanism to and from the configuration file.

The program implemented encrypted storage of sensitive values since version 2.1.140a (see SAP Security Note 2074276). The user's SAP Marketplace password is not stored in the configuration file since version 2.1.142 (see SAP Security Note 2235412). However, other sensitive values, such as the user's proxy password, are stored encrypted.

Encryption is performed using a different mechanism according to the platform where the program is run. On Windows and MacOS systems, the key is composed of the computer's BIOS serial number concatenated with a fixed key hard-coded in the program's code, up to 16 bytes.

The code that handles the encryption/decryption is inside the program's "StringWrapper" class.
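The weakness described above is that the encryption key is derived from values an attacker holding the configuration file can also obtain (a machine serial number and a constant embedded in the program). The following is an added illustration of the corrective pattern, written for this page and not SAP's code or the StringWrapper class: the proxy password is sealed with AES-GCM under a per-installation key drawn from SecureRandom, which is kept outside the configuration file (the class name ProxySecretStore, the sample password and the key-storage advice are assumptions of this example).

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/**
 * Hardened storage of a proxy password for a configuration file.
 * Added example (hypothetical class, not the product's code): the key is
 * 32 random bytes from SecureRandom, stored separately from the
 * configuration file (owner-only file permissions or an OS credential
 * store such as DPAPI or the macOS Keychain), instead of a value derived
 * from the BIOS serial number plus a hard-coded constant.
 */
public final class ProxySecretStore {
    private static final int KEY_BYTES = 32;   // AES-256
    private static final int IV_BYTES = 12;    // recommended GCM nonce length
    private static final int TAG_BITS = 128;   // GCM authentication tag
    private static final SecureRandom RNG = new SecureRandom();

    private ProxySecretStore() {}

    /** Fresh per-installation key; unrelated to any machine identifier. */
    public static byte[] generateKey() {
        byte[] key = new byte[KEY_BYTES];
        RNG.nextBytes(key);
        return key;
    }

    /** Returns base64(iv || ciphertext || tag), with a new IV for every call. */
    public static String seal(byte[] key, String plaintext) throws GeneralSecurityException {
        byte[] iv = new byte[IV_BYTES];
        RNG.nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"),
               new GCMParameterSpec(TAG_BITS, iv));
        byte[] ct = c.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
        byte[] out = new byte[iv.length + ct.length];
        System.arraycopy(iv, 0, out, 0, iv.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        return Base64.getEncoder().encodeToString(out);
    }

    /** Inverse of seal(); a wrong key or a modified value fails the GCM tag check. */
    public static String open(byte[] key, String sealed) throws GeneralSecurityException {
        byte[] in = Base64.getDecoder().decode(sealed);
        if (in.length < IV_BYTES + TAG_BITS / 8) {
            throw new GeneralSecurityException("sealed value too short");
        }
        byte[] iv = Arrays.copyOfRange(in, 0, IV_BYTES);
        byte[] ct = Arrays.copyOfRange(in, IV_BYTES, in.length);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"),
               new GCMParameterSpec(TAG_BITS, iv));
        return new String(c.doFinal(ct), StandardCharsets.UTF_8); // throws AEADBadTagException on tampering
    }

    public static void main(String[] args) throws GeneralSecurityException {
        byte[] key = generateKey();
        // Constructed sample value; in practice this string is what goes into the serialized HashMap.
        String sealed = seal(key, "constructed-sample-proxy-password");
        System.out.println("stored value: " + sealed);
        System.out.println("recovered:    " + open(key, sealed));
        // A different installation's key cannot open the value.
        try {
            open(generateKey(), sealed);
        } catch (GeneralSecurityException e) {
            System.out.println("other key rejected: " + e.getClass().getSimpleName());
        }
    }
}
```

The design point is that the sealed string written into the serialized HashMap is only as secret as the key, so the key must not be reconstructible from the configuration file, the program binary, or hardware identifiers that a process on the same machine can read; a random key held in an OS credential store, or a key derived from a passphrase the user supplies at run time, meets that requirement.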