# Module metadata: original author's contact.
__author__ = 'motting@qualogy'
import os
import sys
import weblogic.security.internal.SerializedSystemIni
import weblogic.security.internal.encryption.ClearOrEncryptedService
import xml.sax
import glob
# Prefix for every config-file lookup (used by decryptXml and
# decryptBootProperties); rebound at startup to sit under the domain
# directory given on the command line.
basepath = "./config/"
# Domain directory handed to WebLogic's encryption service by decrypt();
# rebound from sys.argv[1] at startup.
domainpath = ""
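class wlsHandler(xml.sax.ContentHandler):
    """SAX handler that reports and decrypts WebLogic cryptstrings found in a config XML.

    Element text is collected in characters() and only inspected in
    endElement(), because a SAX parser may deliver one text node through
    several characters() calls; inspecting each chunk on its own can miss a
    cryptstring or file name that was split across chunks. For the complete,
    stripped text of each element the handler:

    * recurses into a referenced descriptor when the text ends with ``.xml``
      (through the module-level decryptXml);
    * decrypts text starting with ``{AES}`` or ``{3DES}`` (through the
      module-level decrypt / cleanCryptString) and prints where it was found;
    * inside a ``jdbc-data-source`` document remembers the value that follows
      a ``user`` property name, so it can be printed next to the next
      cryptstring.

    Everything, including the decrypted values, is written to stdout, so the
    script's output should be treated as sensitive (terminal scrollback, log
    capture, CI output).
    """
    lastelement = ""
    filename = ""
    found = False

    def __init__(self, filename):
        # ContentHandler is an old-style class on Python 2 / Jython (the WLST
        # runtime this script targets), so the base constructor is called
        # directly instead of through super().
        xml.sax.ContentHandler.__init__(self)
        self.filename = filename
        self.nextLinePlease = False  # True right after a jdbc "user" name: next value is the user
        self.isjdbc = False          # set once a jdbc-data-source element is seen, never reset
        self.jdbcuser = ""
        self._chunks = []            # text chunks of the element currently open

    def startElement(self, name, attrs):
        if name == "jdbc-data-source":
            self.isjdbc = True
        self.lastelement = name
        # Drop any text seen before this child: whitespace between elements is
        # not interesting and would otherwise leak into the parent's buffer.
        self._chunks = []

    def characters(self, chars=""):
        # May be called several times for a single text node: just collect.
        self._chunks.append(chars)

    def endElement(self, name):
        text = "".join(self._chunks).strip()
        self._chunks = []
        self._inspectText(name, text)

    def _inspectText(self, name, text):
        """Apply the checks described on the class to the full text of element *name*."""
        if text.endswith(".xml"):
            # Referenced descriptor (for example a jdbc module): scan it too.
            decryptXml(text)
        if text.startswith("{AES}") or text.startswith("{3DES}"):
            if not self.found:
                self.found = True
                print("Cryptstrings found in: " + self.filename)
            # The locator is set by the parser via setDocumentLocator(); the
            # line reported here is the one of the element's closing tag.
            loc = self._locator
            if loc is not None:
                print("Encrypted string found at line number " + str(loc.getLineNumber()))
            print("Config element: " + name)
            print(text)
            pw = decrypt(cleanCryptString(text))
            print("Decrypted to:\n" + pw)
            if self.isjdbc and self.jdbcuser != "":
                print("For database user: " + self.jdbcuser)
            print("\n")
        elif self.isjdbc and self.nextLinePlease and name == "value":
            # The <value> that follows a <name>user</name> is the database user.
            self.jdbcuser = text
            self.nextLinePlease = False
        elif self.isjdbc and text == "user":
            print("Possible Oracle user name found in: " + self.filename)
            self.nextLinePlease = True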
def cleanCryptString(crypt):
    """Normalise a cryptstring read from a config file or boot.properties.

    Surrounding spaces, tabs and line breaks are removed and every backslash
    is dropped (presumably because Java properties files escape characters
    such as ``=`` with a backslash). Any other character is left untouched.
    """
    trimmed = crypt.strip(" \t\n\r")
    return trimmed.replace("\\", "")
def decrypt(encryptedPassword):
    """Decrypt a WebLogic cryptstring (``{AES}...`` / ``{3DES}...``) with the domain's key.

    The module global ``domainpath`` (set from the command line at startup) is
    handed to SerializedSystemIni.getEncryptionService to obtain the domain's
    encryption service, which ClearOrEncryptedService then uses to unwrap the
    value. Only works under WLST (wlst.sh), where the weblogic classes are
    importable; whatever that service raises is propagated to the caller.
    """
    service = weblogic.security.internal.SerializedSystemIni.getEncryptionService(domainpath)
    unwrapper = weblogic.security.internal.encryption.ClearOrEncryptedService(service)
    return unwrapper.decrypt(encryptedPassword)
def decryptXml(myxml):
    """Scan one config XML for cryptstrings.

    *myxml* is resolved relative to the module global ``basepath``; a path
    that is not an existing file is skipped silently. Otherwise the file is
    fed through a SAX parser with a wlsHandler attached, which prints what it
    finds and may call decryptXml again for descriptors the file references.
    """
    fullpath = basepath + myxml
    if not os.path.isfile(fullpath):
        return
    reader = xml.sax.make_parser()
    reader.setContentHandler(wlsHandler(fullpath))
    reader.parse(fullpath)
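def decryptBootLine(line):
    """Decrypt the admin username or password carried by one boot.properties line.

    Only lines starting with ``username`` or ``password`` are handled (Java
    properties format, ``key=value``); every other line is ignored. Nothing is
    returned in either case. The cryptstring is everything after the first
    ``=`` (the previous fixed ``line[9:]`` assumed the separator to sit right
    after the eight-character key), cleaned by cleanCryptString() and
    decrypted with decrypt(). The outcome is printed: the clear-text
    credential on success, or the cryptstring that could not be decrypted.
    """
    if line.startswith("username"):
        linetype = "username"
    elif line.startswith("password"):
        linetype = "password"
    else:
        return
    # Value is whatever follows the first "="; a line without a separator
    # yields an empty cryptstring, which then simply fails to decrypt.
    parts = line.split("=", 1)
    rawvalue = ""
    if len(parts) == 2:
        rawvalue = parts[1]
    cryptstring = cleanCryptString(rawvalue)
    try:
        print("WebLogic Admin " + linetype + ": " + decrypt(cryptstring))
    except:
        # Deliberately broad: under WLST/Jython decrypt() can raise Java
        # exceptions, and failing one line must not stop the others. Narrow
        # this only after confirming which exception types actually occur.
        print("Failed decrypting " + linetype + ", cryptstring was " + cryptstring)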
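def decryptBootProperties():
    """Decrypt the credentials in every boot.properties found under the domain's servers/.

    Looks for ``<basepath>/../servers/*/security/boot.properties`` (``basepath``
    is the module global set at startup) and hands each line of each file to
    decryptBootLine(). Every match is processed, in sorted order so the output
    is deterministic, because each managed server can carry its own
    boot.properties; a message is printed when no file matches. Files are
    closed after reading.
    """
    pattern = basepath + "../servers/*/security/boot.properties"
    matches = sorted(glob.glob(pattern))
    if not matches:
        print("No boot.properties file was found.")
        return
    for path in matches:
        print("Parsing boot.properties: " + path)
        props = open(path, 'r')
        # try/finally rather than "with": the script targets the Jython in
        # wlst.sh, and a plain for-loop replaces the side-effect-only
        # list comprehension.
        try:
            for line in props:
                decryptBootLine(line)
        finally:
            props.close()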
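## Entry point: validate the single argument (the domain directory), then scan
## config.xml (recursing into referenced descriptors) and boot.properties.
if len(sys.argv) != 2:
    print("WebLogic password decryptor")
    print("https://github.com/b0tting/wlsdecrypter")
    print("Given a domain directory, this script will attempt to decrypt all AES cryptstrings it")
    print("can find. The result names the WLS configuration and line number where the crypt string")
    print("was found. Please open that in an editor to find the accompanying username")
    print("")
    print("Usage: ")
    print(" wlst.sh " + sys.argv[0] + " <WebLogic domain directory>")
    print("")
    print("If you are unfamiliar with the WebLogic domain setup, that's the directory containing the")
    print("startWebLogic.sh file and the config and servers directories.")
    # exit() rather than sys.exit(): when run through wlst.sh this is WLST's own exit command.
    exit()
domainpath = sys.argv[1]
# Join with a trailing separator instead of "domainpath + './config/'": a domain
# path given without a trailing "/" used to resolve to "<domain>./config/",
# which does not exist, so nothing was found.
basepath = os.path.join(domainpath, "config", "")
decryptXml("config.xml")
decryptBootProperties()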