After my earlier post regarding the Triple DES encryption WebLogic uses, the next question could be: can we decrypt the 3DES string back to cleartext? The answer is yes, you can.
On the Internet multiple examples are available, but I found this post from Chris Vugrinec (hi m8) very helpful, so muchos credits to Chris.
Of course the Java code needs to include weblogic.jar and, at runtime, needs access to the domain's SerializedSystemIni.dat, which encapsulates a time-variant encrypted key created when the domain is generated.
```java
import java.io.Console;

import weblogic.security.internal.SerializedSystemIni;
import weblogic.security.internal.encryption.ClearOrEncryptedService;

public class DrieDesDecrypter {
    static ClearOrEncryptedService ces;

    public static void main(String[] args) {
        System.out.println("This class decrypts the 3DES string for Weblogic");
        // System.console() returns null when no interactive console is attached
        Console console = System.console();
        if (console == null) {
            System.err.println("No interactive console available");
            return;
        }
        String var_folder = console.readLine("Give PATH! where SerializedSystemIni.dat for weblogic domain is located: ");
        String var_driedes = console.readLine("Give 3DES string: ");
        // Load the domain key from SerializedSystemIni.dat in the given folder
        ces = new ClearOrEncryptedService(SerializedSystemIni.getEncryptionService(var_folder));
        // Strip the backslash escapes that .properties files put in the value
        var_driedes = var_driedes.replace("\\", "");
        System.out.println("Decrypted value: " + ces.decrypt(var_driedes));
    }
}
```
The 1st input is the directory where the SerializedSystemIni.dat resides.
The 2nd input is the encrypted 3DES string.
The output is what you wanted.
Running would look something like:
```
c:\Oracle\domains\rbx_dev_wls\bin\setDomainEnv.cmd
java DrieDesDecrypter
This class decrypts the 3DES string for Weblogic
Give PATH! where SerializedSystemIni.dat for weblogic domain is located: C:\Oracle\domains\rbx_dev_wls\security
Give 3DES string: {3DES}OOLr88wGSPx82H1abcYU9Q==
Decrypted waarde: welcome1
```
This source code should prompt any WebLogic administrator to make sure the domain's SerializedSystemIni.dat file is secured against unauthorised access and included in the backup procedure.
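One way to check that advice on a POSIX host, as an added example that is not part of the original post or of WebLogic: it walks a domain directory and reports a SerializedSystemIni.dat that group or other users can reach, plus world-readable .xml/.properties files holding `{3DES}` or `{AES}` values. The function names and the sample tree are constructed for illustration, and the real layout of your domain may differ.

```python
import os
import re
import stat
import tempfile

KEY_FILE = "SerializedSystemIni.dat"
# {3DES} is the prefix shown in the post; {AES} is the prefix newer releases write.
ENC_RE = re.compile(r"\{(?:3DES|AES)\}[A-Za-z0-9+/=\\]+")

def audit_domain(domain_dir):
    """Return (path, finding) tuples for loosely protected key material."""
    findings = []
    for root, _dirs, files in os.walk(domain_dir):
        for name in files:
            path = os.path.join(root, name)
            mode = stat.S_IMODE(os.stat(path).st_mode)
            if name == KEY_FILE:
                if mode & (stat.S_IRWXG | stat.S_IRWXO):
                    findings.append((path, "key file open to group/other (mode %o)" % mode))
            elif name.endswith((".xml", ".properties")) and mode & stat.S_IROTH:
                with open(path, errors="replace") as fh:
                    if ENC_RE.search(fh.read()):
                        findings.append((path, "world-readable file holds encrypted value"))
    return findings

def build_sample_domain(base):
    """Constructed sample tree for the demo; not a real WebLogic domain."""
    os.makedirs(os.path.join(base, "security"))
    key = os.path.join(base, "security", KEY_FILE)
    with open(key, "wb") as fh:
        fh.write(b"constructed placeholder, not a real key")
    boot = os.path.join(base, "boot.properties")
    with open(boot, "w") as fh:
        fh.write("password={3DES}OOLr88wGSPx82H1abcYU9Q\\=\\=\n")
    for path in (key, boot):
        os.chmod(path, 0o644)  # deliberately loose for the demo
    return key, boot

def demo():
    with tempfile.TemporaryDirectory() as base:
        key, boot = build_sample_domain(base)
        before = [finding for _path, finding in audit_domain(base)]
        for path in (key, boot):
            os.chmod(path, 0o600)  # owner-only, as the post recommends
        after = audit_domain(base)
    return before, after

if __name__ == "__main__":
    print(demo())
```

Against a real installation, call `audit_domain()` with the domain directory; an empty list means no finding under these two checks.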
Update 2012.01.26:
Due to lost passwords on a DEV environment I had to test my class with the new AES encryption used by WebLogic 11g (r1PS4) instead of the older 3DES algorithm it used to store its passwords in. And it still works like a charm. :)
Update 2012.06.27:
Make life much easier for those DEV/TST domains: http://recover-weblogic-password.appspot.com/
Don’t think I would like to use it for my PRD domains, but you make your own choice there.
