Saturday, October 24, 2015

How To Recover Custom Identity And Custom Trust Keystore Password

==> Password information is stored in the security data file SerializedSystemIni.dat, which cannot be read like a text file.

==> Encrypted passwords are stored in config.xml, boot.properties and DataSource-jdbc.xml, where they are visible to the user.

==> Using an encrypted password and the SerializedSystemIni.dat file, we can recover the password.

==> Using this method, one can recover the password for:
  • WebLogic Admin Console
  • Keystore
  • Data source


1) Create a file DecryptTest.py with the content below in the $DOMAIN_HOME/security directory


from weblogic.security.internal import *
from weblogic.security.internal.encryption import *

# Prompt the user to confirm that SerializedSystemIni.dat is in the
# current directory, i.e. the directory the command is run from
raw_input("Please make sure you have SerializedSystemIni.dat inside the current directory, if yes press ENTER to continue.")

# Encryption service
encryptionService = SerializedSystemIni.getEncryptionService(".")
clearOrEncryptService = ClearOrEncryptedService(encryptionService)

# Read the encrypted password from the user
pwd = raw_input("Please enter encrypted password (Eg. {3DES}Bxt5E3...): ")

# Remove backslash escape characters from the pasted value
preppwd = pwd.replace("\\", "")

# Decrypt password
print "Your password is: " + clearOrEncryptService.decrypt(preppwd)





2) Source the environment using setDomainEnv.sh 


cd /oracle/Middleware/user_projects/domains/prod_domain/bin
. ./setDomainEnv.sh



3) Get the encrypted custom identity keystore password from config.xml


<custom-identity-key-store-pass-phrase-encrypted>{AES}NtJU+ki8yu5Pr2K+c4jHtLKs//Th3ZXnAvKgnt0LFmE=</custom-identity-key-store-pass-phrase-encrypted>



4) Navigate to the $DOMAIN_HOME/security directory and run the commands below


cd /oracle/Middleware/user_projects/domains/prod_domain/security
java weblogic.WLST DecryptTest.py


5) When prompted, enter the encrypted password from step 3

 {AES}NtJU+ki8yu5Pr2K+c4jHtLKs//Th3ZXnAvKgnt0LFmE=








COMPLETED...................
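Since the steps above work for anyone who can read both SerializedSystemIni.dat and an encrypted value, it is worth checking where those values live in a domain and who can read the key file. The following is an added example, not part of the original post: a Python 3 script (plain Python, not WLST) whose function names, sample directory tree and placeholder values are all constructed for illustration.

```python
import os
import re
import tempfile

ENC_RE = re.compile(r"\{(AES|3DES)\}[A-Za-z0-9+/=\\]+")  # prefixes shown on this page
KEY_FILE = os.path.join("security", "SerializedSystemIni.dat")

def find_encrypted_values(domain_home):
    """List (relative path, line number, prefix) for every encrypted value."""
    hits = []
    for root, _dirs, files in os.walk(domain_home):
        for name in files:
            if not name.endswith((".xml", ".properties")):
                continue
            path = os.path.join(root, name)
            with open(path, errors="replace") as fh:
                for lineno, line in enumerate(fh, 1):
                    hits += [(os.path.relpath(path, domain_home), lineno, m.group(1))
                             for m in ENC_RE.finditer(line)]
    return sorted(hits)

def key_file_findings(domain_home):
    """Report which accounts besides the owner can access the key file."""
    path = os.path.join(domain_home, KEY_FILE)
    if not os.path.isfile(path):
        return ["key file not found"]
    mode = os.stat(path).st_mode & 0o777  # permission bits only
    checks = (("group", 0o070), ("world", 0o007))
    return ["%s access (mode %o)" % (who, mode) for who, bits in checks if mode & bits]

def build_sample_domain():
    """Constructed sample tree; every value in it is a placeholder."""
    home = tempfile.mkdtemp(prefix="sample_domain_")
    tag = "custom-identity-key-store-pass-phrase-encrypted"
    files = {
        "config/config.xml": "<%s>{AES}Q09OU1RSVUNURUQ=</%s>\n" % (tag, tag),
        "boot.properties": "password={AES}Q09OU1RSVUNURUQ\\=\n",
        KEY_FILE: "constructed placeholder, not a real key file\n",
    }
    for rel, text in files.items():
        path = os.path.join(home, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(text)
    os.chmod(os.path.join(home, KEY_FILE), 0o644)  # deliberately too permissive
    return home

if __name__ == "__main__":
    demo = build_sample_domain()
    print(find_encrypted_values(demo), key_file_findings(demo))
```

To audit a real domain, pass its $DOMAIN_HOME path to both functions instead of the sample tree; an empty list from key_file_findings means only the file's owner can access the key file.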









8 comments:

  1. Thanks for the post... it's really very useful.

    -Amar.

  2. Great article. Really helpful.

    -Gary Simmons

  3. This comment has been removed by the author.

  4. Thanks a lot. Extremely helpful!

  5. VijayBharath Reddy, March 21, 2019 at 4:22 AM

    Thank you. This blog is very useful

  6. I am getting below error
    weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:139)
    at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:187)
    at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:96)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)

    weblogic.security.internal.encryption.EncryptionServiceException: weblogic.security.internal.encryption.EncryptionServiceException
