Oracle, WebLogic Server May 8, 2014 19

Recover Decrypt WebLogic Server Admin Password

One of the most important WebLogic Server files in terms of security is SerializedSystemIni.dat which contains encrypted security data and is located in $DOMAIN_HOME/security directory. Other file is boot.properties file located in $DOMAIN_HOME/servers/AdminServer/security directory which contains an encrypted version of weblogic admin username and password.

 Below tutorial shows how to decrypt, recover username or password, having access to SerializedSystemIni.dat and boot.properties files. But not only, we can also use this method to:

  • recover database username and password of JDBC Connection pool – encrypted password resides in $DOMAIN_HOME/config/jdbc directory, in xml files
  • recover password of a keystore where we store SSL certificates
  • any encrypted password from config.xml  located in $DOMAIN_HOME/config dir

Let’s roll:

NOTESerializedSystemIni.dat file exists in $DOMAIN_HOME/security directory. 

1. Create a script decrypt_password.py in $DOMAIN_HOME/security directory and paste the following code into it:

from weblogic.security.internal import *
from weblogic.security.internal.encryption import *
encryptionService = SerializedSystemIni.getEncryptionService(".")
clearOrEncryptService = ClearOrEncryptedService(encryptionService)

# Take encrypt password from user
pwd = raw_input("Paste encrypted password ({AES}fk9EK...): ")

# Delete unnecessary escape characters
preppwd = pwd.replace("\\", "")

# Display password
print "Decrypted string is: " + clearOrEncryptService.decrypt(preppwd)

2. Set domain environment variables

source $DOMAIN_HOME/bin/setDomainEnv.sh

3. Get encrypted password, in this example from boot.properties file of AdminServer

#Username:
grep username $DOMAIN_HOME/servers/AdminServer/security/boot.properties | sed -e "s/^username=\(.*\)/\1/"

#Password:
grep password $DOMAIN_HOME/servers/AdminServer/security/boot.properties | sed -e "s/^password=\(.*\)/\1/"

4. Navigate to $DOMAIN_HOME/security directory and run the following command to start decryption:

cd $DOMAIN_HOME/security

java weblogic.WLST decrypt_password.py


Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

Please enter encrypted password (Eg. {AES}fk9EK...): {AES}jkIkkdh693dsyLt+DrKUfNcXryuHKLJD76*SXnPqnl5oo\=
Decrypted string is: welcome01

Decrypted value will be displayed on the screen.

 
 Source: http://tinyurl.com/km92oto