Tuesday, July 3, 2012

Weblogic Password Decrypt

Share it Please
There are cases sometimes where we need to de crypt the password provided. That may be for a connection pool or a security realm.

In this article we will see how we can de crypt a Weblogic password. Consider we are decrypting a password for a connection pool

1.Copy the SerializedSystemIni.dat file from the from the location /config/weblogic/wls10/domains/<domain Name>/security directory to a local location .This file usually gets created during the Domain Configuration. So the file will be different for every domain. Since this file is different for every domain , the passwords will be using this file to encrypt and decyrpt.

If we look at the config.xml file for a connection pool, we see password values as some thing that starts with {3DES} . Weblogic use "Triple Des" algorithm for encrypting the passwords. When Weblogic encrypts or decrypts password it uses a hash value that is stored in SerializedSystemini.dat file. Hence we use the SerializedSystemini.dat file


1.Write the java Files

import weblogic.security.internal.SerializedSystemIni;
import weblogic.security.internal.*;
import weblogic.security.internal.encryption.*;

public class SsmDecrypt
{
public static EncryptionService es = null;
public static ClearOrEncryptedService ces = null;

public static void main(String args[])
{
String s = null;
if(args.length == 0)
System.out.println("Enter Password");
else
if(args.length == 1)
s = args[0];
else
System.err.println("Usage: java Decrypt [ password ]");
es = SerializedSystemIni.getExistingEncryptionService();
if(es == null)
{
System.err.println("Unable to initialize encryption service");
return;
}
ces = new ClearOrEncryptedService(es);
if(s != null)
System.out.println("\nDecrypted Password is:"+ces.decrypt(s));
}
}

Save as SsmDecrypt.java

3.compile the java file using ,
We have the weblogic.jar file available in class path. The only thing missing is we need to make sure that the SsmDecrypt.java file is also available in class path.

hence
javac -cp $(pwd):$CLASSPATH SsmDecrypt.java

4. Now execute the SsmDecrypt using

java -cp $(pwd):$CLASSPATH SsmDecrypt {3DES}TxggYcDW5y4=
Decrypted Password is:d100

NOTE : If you need to encrypt the password in Weblogic we can use

Dev:LocalHost-com $ java weblogic.security.Encrypt id4sbc
{3DES}VFNWG01p/6s=

Happy Learning :-)