Wednesday 17 July 2019

Decrypt Weblogic Admin password



This post describes how to decrypt weblogic password using python script.

Assumption: We have boot.properties file which contains encrypted password.

Step 1: Get encrypted password from boot.properties file.

Go to below location and cat boot.properties to get encrypted weblogic password.

cd $DOMAIN_HOME/servers/Adminserver/security

[oracle@server1 AdminServer]$ cd /u01/app/Middleware/user_projects/domains/base_domain/servers/AdminServer/security/

[oracle@server1 security]$ cat boot.properties
# Generated by Configuration Wizard on Thu Jul 11 13:11:09 IST 2019
username={AES}3Ryhu7KAt1t74cqx/UFhcwhq675U5gxfiChMAqgdCW8=
password={AES}s+0t9pgYnGBXRtLxtzp0grC7qbQDjobTZlLc/Tm/AwA=


Step 2: Create python script in the server with below parameters.

from weblogic.security.internal import *
from weblogic.security.internal.encryption import *

 passwd = "<encrypted password from boot.properties file"
secPath = "security folder path under DOMAIN_HOME"
encService = SerializedSystemIni.getEncryptionService(secPath)
coeService = ClearOrEncryptedService(encService)
print "Password is : " + coeService.decrypt(passwd)


[oracle@server1 security]$ vi DecryptPassword.py

from weblogic.security.internal import *
from weblogic.security.internal.encryption import *

passwd = "{AES}s+0t9pgYnGBXRtLxtzp0grC7qbQDjobTZlLc/Tm/AwA="
secPath = "/u01/app/Middleware/user_projects/domains/base_domain/security"
encService = SerializedSystemIni.getEncryptionService(secPath)
coeService = ClearOrEncryptedService(encService)
print "Password is : " + coeService.decrypt(passwd)

:wq!


Step 3: Get decrypted password using wlst script.

execute below command.

[oracle@server1 security]$ /u01/app/Middleware/oracle_common/common/bin/wlst.sh DecryptPassword.py

 
Output: 

Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=256m; support was removed in 8.0

Initializing WebLogic Scripting Tool (WLST) ...

Jython scans all the jar files it can find at first startup. Depending on the system, this process may take a few minutes to complete, and WLST may not return a prompt right away.

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

Password is : welcome123
[oracle@server1 security]$







Thanks for your patience to view this post................



Posted by at No comments:
Subscribe to: Posts (Atom)