search

mydoghasworms / nwrfc

SAP Netweaver RFC SDK wrapper via Ruby-FFI
http://ceronio.net/nwrfc/
28 stars 14 forks source link

Truncation when handling RAW data #1

Closed nmonkee closed 12 years ago

nmonkee commented 12 years ago

The nwrfc SDK wrapper and also Piers Harding's don't appear to handle RAW data.

The following two scripts attempt to call RFC_READ_TABLE and return the users password hash from the BCODE RAW field.

As is clear from the output the return data is truncated (can be confirmed by using SE37 to open USR02).

I found this explanation and fix for a Java connector http://www.benx.ch/benx(bD1lbiZjPTAwMQ==)/de/index.do?onInputProcessing(brai_thread)&001_thread_id=62197 may help with the issue.

$ ruby SE11.rb [x] ADSUSER |7FE24F53 [x] ADS_AGENT |8C323693 [x] DDIC |61D26428 [x] DEVELOPER |C4C768AE [x] J2EE_ADMIN |6C1541BC [x] J2EE_GUEST |00000000 [x] SAP* |D0BFF427 [x] SAPCPIC |7D806C24 [x] SAPJSF |7D6762BF

$ cat SE11.rb

require 'rubygems' require 'nwrfc'

include NWRFC

ashost = "172.16.252.135" sysnr = "42" client = "001" user = "SAP*" passwd = "06071992"

auth_hash = {"user" => user, "passwd" => passwd, "client" => client, "ashost" => ashost, "sysnr" => sysnr}

connection = Connection.new(auth_hash)

function = connection.get_function("RFC_READ_TABLE")

fc = function.get_function_call

fc[:DELIMITER] = '|'

fc[:QUERY_TABLE] = 'USR02'

fc[:FIELDS].new_row {|row| row[:FIELDNAME] = "BNAME" }

fc[:FIELDS].new_row {|row| row[:FIELDNAME] = "BCODE" }

begin fc.invoke rescue NWError => e $stderr.print "FunctionCallException: #{e.inspect}\n" raise "gone" end

data_length = fc[:DATA].size

for i in 0...data_length data = fc[:DATA][i][:WA] data.to_str puts "[x] #{data}" end

$ ruby SE11.rb row: {"WA"=>"7FE24F53"} row: {"WA"=>"8C323693"} row: {"WA"=>"61D26428"} row: {"WA"=>"C4C768AE"} row: {"WA"=>"6C1541BC"} row: {"WA"=>"00000000"} row: {"WA"=>"D0BFF427"} row: {"WA"=>"7D806C24"} row: {"WA"=>"7D6762BF"}

$ cat SE11.rb

require 'sapnwrfc'

TEST_FILE = 'ubuntu.yml'

SAPNW::Base.config_location = TEST_FILE SAPNW::Base.load_config

conn = SAPNW::Base.rfc_connect

attrib = conn.connection_attributes

f = conn.discover("RFC_READ_TABLE")

fc = f.new_function_call

fc.QUERY_TABLE = "USR02"

fc.FIELDS = [{'FIELDNAME' => 'BCODE'}]

begin fc.invoke rescue SAPNW::RFC::FunctionCallException => e $stderr.print "FunctionCallException: #{e.error.inspect}\n" raise "gone" end fc.DATA.each do |row| $stderr.print "row: #{row.inspect}\n" end conn.close

$ ./startrfc -h 172.16.252.135 -s 42 -c 001 -u SAP* -p 06071992 -i SAP System ID: NPL SAP System Number: 42 Partner Host: nplhost Own Host: bt Partner System Release: 702 Partner Kernel Release: 720 Own Release: 720 Partner Codepage: 4103 Own Codepage: 4103 User: SAP* Client: 001 Language: E

$ ./startrfc -v NW RFC Library Version: 720 Patch 7 Compiler Version: 4.1.2 20070115 (SAP release 20090902, based on SUSE release)

mydoghasworms commented 12 years ago

The function RFC_READ_TABLE returns selected data in a character field, so you are actually accessing a string, and not a binary field. If anything the problem is with the way RFC_READ_TABLE formats the data, because I compared the output I get on my system with calling RFC_READ_TABLE in SE37, and it is the same (i.e. passwords are truncated). I suggest taking a look at the tests in the /test directory of the nwrfc repo. There are some examples of calling functions with byte/raw types.

nmonkee commented 12 years ago

It appears this is an issue with RFC_READ_TABLE not the underlying SDK or wrapper. The RFC truncates binary/RAW data. When attempting to read USR02/USH02 and extract BCODE/PASSCODE only the first half of the hash will be returned. 1 byte = 2 hex, so a 20 byte hash = 40 hex chars. RFC_READ_TABLE will only return the first 20 chars.