Recover Weblogic Admin Password


If the WebLogic admin password has been forgotten, there is no need to worry: we can recover it without resetting the password or recreating the domain.

BEA/Oracle WebLogic application server, being an enterprise-ready piece of software, treats security seriously. One sign of that is that all sensitive pieces of information such as logins and passwords are kept in encrypted form. While browsing through config.xml or boot.properties files you can easily spot them, since they are usually prefixed with the string '{3DES}' or '{AES}', which indicates the encryption algorithm used. The program below loads the domain's own encryption service from the domain directory and uses it to decrypt those values.


WebLogicDecryptor.java
import java.util.*;
import java.io.*;
import javax.xml.parsers.*;
import javax.xml.xpath.*;
import org.w3c.dom.*;

import weblogic.security.internal.*; // requires weblogic.jar in the class path
import weblogic.security.internal.encryption.*;

public class WebLogicDecryptor {

      // Prefix of the encrypted values; set to "{3DES}" if that is what your files use
      private static final String PREFIX = "{AES}";
      private static final String XPATH_EXPRESSION = "//node()[starts-with(text(), '" + PREFIX + "')] | //@*[starts-with(., '" + PREFIX + "')]";

      private static ClearOrEncryptedService ces;
      public static void main(String[] args) throws Exception {
            if (args.length < 2) {
                  throw new Exception("Usage: [domainDir] [configFile]");
            }

            ces = new ClearOrEncryptedService(SerializedSystemIni.getEncryptionService(new File(args[0]).getAbsolutePath()));
            File file = new File(args[1]);
            if (file.getName().endsWith(".xml")) {
                  processXml(file);
            }
            else if (file.getName().endsWith(".properties")){
                  processProperties(file);
            }
      }

      private static void processXml(File file) throws Exception {
            Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(file);
            XPathExpression expr = XPathFactory.newInstance().newXPath().compile(XPATH_EXPRESSION);
            NodeList nodes = (NodeList)expr.evaluate(doc, XPathConstants.NODESET);
            for (int i = 0; i < nodes.getLength(); i++) {
                  Node node = nodes.item(i);
                  print(node.getNodeName(), node.getTextContent());
            }
      }

      private static void processProperties(File file) throws Exception {
            Properties properties = new Properties();
            // try-with-resources closes the file even if load() throws
            try (InputStream in = new FileInputStream(file)) {
                  properties.load(in);
            }
            for (Map.Entry<Object, Object> p : properties.entrySet()) {
                  if (p.getValue().toString().startsWith(PREFIX)) {
                        print(p.getKey(), p.getValue());
                  }
            }
      }

      private static void print(Object attributeName, Object encrypted) {
            System.out.println("Node name: " + attributeName);
            System.out.println("Encrypted: " + encrypted);
            System.out.println("Decrypted: " + ces.decrypt((String)encrypted) + "\n");
      }
}

Note: Check the boot.properties file to see whether the prefix is {AES} or {3DES}, and update the PREFIX constant in the code above to match.

Procedure to execute the code:
  1. Set the environment variables using setWLSEnv.sh / setWLSEnv.cmd
  2. Compile: javac WebLogicDecryptor.java
  3. Run: java WebLogicDecryptor <Domain Dir> <config file / boot.properties path>
Ex:  Option 1
C:\Prem\Weblogic>java WebLogicDecryptor C:\Oracle\Middleware\user_projects\domains\base_domain C:\Oracle\Middleware\user_projects\domains\base_domain\config\config.xml
Node name: credential-encrypted
Encrypted: {AES}EQOhDn+NVCtsijzTycEERvyX4+4wGo5j734YIzUsQQDILIKP74eMyXXBk6QX7gpD
1AA856/lAaCjMtgYHvIWF0QUj2xeTTJj6+HGUGb5xB+p2Ix4+bTGOLAqzVdmvaQm
Decrypted: 0xa944c5ffe3abb7dab194e9467d1e8e2961077202a92e6c8a87c1fc7a334d4d39

Node name: node-manager-password-encrypted
Encrypted: {AES}aXCNpPXYnNr5n8kFZ1/xjDjAyif5g7vS2ct/jP97g5A=
Decrypted: weblogic12345

Node name: credential-encrypted
Encrypted: {AES}fPAWbE94I7oKthMYyNgz90KBLmMFq2+NEAJy9KxjG+WME3r4dPcrBuLajdU+KPf7

Decrypted: 0x870d791c7277889e17b55a87d5


C:\Prem\Weblogic>javac WebLogicDecryptor.java

Ex: Option 2

C:\Prem\Weblogic>java WebLogicDecryptor C:\Oracle\Middleware\user_projects\domains\base_domain C:\Oracle\Middleware\user_projects\domains\base_domain\boot.properties
Node name: password
Encrypted: {AES}41WaOikOJ/bVjBrWCVlnVa11b/PirQh1izkTcYowqyw=
Decrypted: weblogic12345

Node name: username
Encrypted: {AES}hGG2itFJJXaqyzhU5UH7SUZjoWpa+PssIMqzY1zyENs=
Decrypted: weblogic
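
The prefix check from the note above can be automated. The following is an added example, not part of the original post: it lists which nodes and keys hold {AES} or {3DES} values without decrypting anything and without weblogic.jar, and flags files that group or other users can access. The function names, the `urn:example` namespace and the sample values are constructed for illustration.

```python
import os
import re
import xml.etree.ElementTree as ET

# Prefixes the page names for encrypted values.
PREFIX_RE = re.compile(r"\{(AES|3DES)\}")

def local(name):
    """Strip an XML namespace such as '{urn:x}tag' down to 'tag'."""
    return name.rsplit("}", 1)[-1]

def scan_xml(text):
    """List (node name, scheme) for element text and attributes holding encrypted values."""
    found = []
    for elem in ET.fromstring(text).iter():
        candidates = [(local(elem.tag), elem.text or "")]
        candidates += [("@" + local(k), v) for k, v in elem.attrib.items()]
        for name, value in candidates:
            m = PREFIX_RE.match(value.strip())
            if m:
                found.append((name, m.group(1)))
    return found

def scan_properties(text):
    """List (key, scheme) for key=value lines holding encrypted values; comments are skipped."""
    found = []
    for line in text.splitlines():
        m = re.match(r"\s*([^#!=:\s][^=:\s]*)\s*[=:]\s*(.*)", line)
        p = m and PREFIX_RE.match(m.group(2))
        if p:
            found.append((m.group(1), p.group(1)))
    return found

def loose_permissions(path):
    """True when group or other has any access to the file (POSIX mode bits only)."""
    return bool(os.stat(path).st_mode & 0o077)

# Constructed sample input, not taken from a real domain.
SAMPLE_XML = """<domain xmlns="urn:example">
  <credential-encrypted>{AES}Q09OU1RSVUNURUQ=</credential-encrypted>
  <node-manager-password-encrypted>{3DES}U0FNUExF</node-manager-password-encrypted>
  <name>base_domain</name>
</domain>"""
SAMPLE_PROPS = "#constructed sample\nusername={AES}U0FNUExF\\=\npassword={AES}Q09OU1RSVUNURUQ\\=\n"

if __name__ == "__main__":
    for name, scheme in scan_xml(SAMPLE_XML) + scan_properties(SAMPLE_PROPS):
        print(f"{scheme:5} {name}")
```

Run `loose_permissions` against boot.properties, config.xml and the domain's security/SerializedSystemIni.dat, since read access to the domain directory is all the decryptor above needs.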


Happy Troubleshooting !!! :-)

Thanks
Prem
