One of the most important WebLogic Server files in terms of security is SerializedSystemIni.dat, which contains encrypted security data and is located in the $DOMAIN_HOME/security directory. The other is the boot.properties file, located in the $DOMAIN_HOME/servers/AdminServer/security directory, which contains an encrypted version of the WebLogic admin username and password.
The tutorial below shows how to decrypt and recover a username or password, given access to the SerializedSystemIni.dat and boot.properties files. We can also use this method to:
- recover the database username and password of a JDBC connection pool – the encrypted password resides in XML files in the $DOMAIN_HOME/config/jdbc directory
- recover the password of a keystore where we store SSL certificates
- recover any encrypted password from config.xml, located in the $DOMAIN_HOME/config directory
NOTE: The SerializedSystemIni.dat file exists in the $DOMAIN_HOME/security directory.
1. Create a script decrypt_password.py in the $DOMAIN_HOME/security directory and paste the following code into it:
# WLST (Jython 2.x) script: run it from the directory that contains SerializedSystemIni.dat
from weblogic.security.internal import *
from weblogic.security.internal.encryption import *
# Load the domain's encryption service from SerializedSystemIni.dat in the current directory
encryptionService = SerializedSystemIni.getEncryptionService(".")
clearOrEncryptService = ClearOrEncryptedService(encryptionService)
# Take the encrypted password from the user
pwd = raw_input("Paste encrypted password ({AES}eh7DH...): ")
# Delete unnecessary escape characters (backslashes added by the properties file format)
preppwd = pwd.replace("\\", "")
# Display the decrypted password
print "Decrypted string is: " + clearOrEncryptService.decrypt(preppwd)
2. Set the domain environment variables:
source $DOMAIN_HOME/bin/setDomainEnv.sh
3. Get the encrypted password, in this example from the boot.properties file of the AdminServer:
# Username:
grep username $DOMAIN_HOME/servers/AdminServer/security/boot.properties | sed -e "s/^username=\(.*\)/\1/"
# Password:
grep password $DOMAIN_HOME/servers/AdminServer/security/boot.properties | sed -e "s/^password=\(.*\)/\1/"
NOTE: You can also copy the encrypted password directly from the boot.properties file.
4. Navigate to the $DOMAIN_HOME/security directory and run the following command to start decryption:
cd $DOMAIN_HOME/security
java weblogic.WLST decrypt_password.py
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
Please enter encrypted password (Eg. {AES}gt7EK...):
{AES}jkIkkdh693dsyLt+DrKUfNcXryuHKLJD76*SXnPqnl5oo\=
Decrypted string is: welcome01
Your password will be displayed on the screen. Use the same approach to recover the admin username in case you forget it.
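Since anyone who can read SerializedSystemIni.dat together with these files can repeat the steps above, it helps to know which files in a domain hold encrypted values and whether group or other users can read them. The Python script below is an added example, not part of the original post; the sample domain layout, its placeholder values and the function names are constructed for illustration.

```python
import os, re, stat, tempfile

# {AES} is the prefix shown on the page; {3DES} and {AES256} are other WebLogic prefixes (not on the page).
ENC = re.compile(r"\{(?:AES(?:256)?|3DES)\}[A-Za-z0-9+/=\\]+")
KEY_FILE = os.path.join("security", "SerializedSystemIni.dat")

def loose(path):
    """True if group or other have any permission bit on the file."""
    return bool(os.stat(path).st_mode & (stat.S_IRWXG | stat.S_IRWXO))

def audit_domain(domain_home):
    """List the key file and every config file holding encrypted values, with a permission flag."""
    findings = []
    for root, _dirs, files in os.walk(domain_home):
        for name in files:
            path = os.path.join(root, name)
            rel = os.path.relpath(path, domain_home)
            if rel == KEY_FILE:
                findings.append({"file": rel, "kind": "key", "values": 0, "loose": loose(path)})
            elif name.endswith((".xml", ".properties")):
                with open(path, errors="replace") as fh:
                    count = len(ENC.findall(fh.read()))
                if count:
                    findings.append({"file": rel, "kind": "ciphertext",
                                     "values": count, "loose": loose(path)})
    return sorted(findings, key=lambda f: f["file"])

def build_sample_domain(base):
    """Constructed sample layout for the demo; values are placeholders, not real ciphertext."""
    files = {
        "security/SerializedSystemIni.dat": ("placeholder-key-material", 0o644),
        "servers/AdminServer/security/boot.properties":
            ("username={AES}AAAA\\=\npassword={AES}BBBB\\=\n", 0o600),
        "config/jdbc/ds-jdbc.xml": ("<password-encrypted>{AES}CCCC=</password-encrypted>", 0o640),
        "config/config.xml": ("<name>base_domain</name>", 0o640),
    }
    for rel, (body, mode) in files.items():
        path = os.path.join(base, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(body)
        os.chmod(path, mode)
    return base

if __name__ == "__main__":
    # Audits $DOMAIN_HOME when set, otherwise the constructed sample domain.
    home = os.environ.get("DOMAIN_HOME") or build_sample_domain(tempfile.mkdtemp())
    for f in audit_domain(home):
        flag = "LOOSE PERMS" if f["loose"] else "ok"
        print("%-11s %-50s values=%d  %s" % (f["kind"], f["file"], f["values"], flag))
```

Files flagged LOOSE PERMS are readable or writable by accounts other than the owner; the key file and every file listed as ciphertext should be restricted to the account that runs WebLogic.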
- See more at: http://emarcel.com/recover-decrypt-weblogic-server-admin-password/#sthash.uuzSpoOW.dpu