lolcreds

Public credential defaults and exposure patterns for authorized security testing.

SAP HANA

SAPdatabase5 credentials

Credentials5 documented
01

SYSTEM / Database User Password

sap-hana / system-user-password

SAP HANA databases use database users such as SYSTEM and application/technical users for SQL, administration, and service access. Initial passwords are set during installation or provisioning.

generated on installuser definedsecretusername/password

Location

public interface
SQL clients, HANA Cockpit, Database Explorer, JDBC/ODBC, and hdbsql
database

HANA user catalog and password verifier state

config file

hdbuserstore references, deployment descriptors, xs/app configs, and backup scripts

secret store

hdbuserstore, OS credential stores, Kubernetes Secrets, and password vaults

logs

indexserver traces, audit logs, installer logs, and client debug logs

Notes

SAP HANA requires the SYSTEM password to be set during installation; no universal SYSTEM password is modeled.

02

hdbuserstore Secure User Store Key

sap-hana / hdbuserstore-key

HANA client tools can store connection credentials in hdbuserstore secure user store keys, allowing scripts to connect without plaintext command-line passwords.

user definedsecretsecret value

Location

secret store
hdbuserstore

SAP HANA secure user store entries on client or server hosts

config file

scripts and service files referencing hdbuserstore key names

source code

backup, monitoring, and deployment automation

logs

hdbsql command traces and failed connection output

03

XS Advanced / UAA OAuth Client Secret

sap-hana / xs-uaa-oauth-secret

SAP HANA XS Advanced and related services use UAA/OAuth clients, service keys, and JWT signing configuration for application and service authentication.

generated on installuser definedsecretsecret value

Location

http header
Authorization

Bearer tokens used by XS Advanced and service APIs

database

XSA/UAA service and client credential stores

config file

mta.yaml, xs-security.json, service keys, and app environment files

environment
VCAP_SERVICES, HANA_CLIENT_SECRET, XSUAA_CLIENT_SECRET
secret store

service keys, Kubernetes Secrets, and external vaults

source code

application repositories and deployment descriptors

logs

application startup logs and OAuth debug traces

04

SSL / PSE Private Key

sap-hana / ssl-pse-private-key

SAP HANA uses certificates and private keys for TLS, internal communication, and client authentication.

generated on installuser definedsecretkey pair

Looks like

pattern
pattern

private key material for HANA TLS or client certificate authentication

-----BEGIN (RSA |EC |ENCRYPTED |)PRIVATE KEY-----

Location

config file

HANA certificate stores, PSE/PKCS#12 files, global.ini SSL settings, and client key files

secret store

certificate vaults, OS key stores, and backup vaults

artifact

system copies, backups, and support archives

05

Backup Encryption Key / Root Key Material

sap-hana / backup-encryption-key

HANA deployments can use encryption keys for data volume, redo log, and backup encryption. Key backups and root keys are sensitive recovery credentials.

generated on installuser definedsecretsecret value

Location

secret store

HANA secure store, external key managers, and backup key vaults

artifact

encrypted backup sets, key backups, and recovery bundles

config file

encryption and key management configuration

Scope

Authorized use

LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.