Decrypting the config.xml
The script below is enhanced from various other scripts found on the web to perform decryption of WebLogic encrypted strings. This script uses a sax parser and scans through the config.xml and decrypts all XML tags containing the word "encrypted".All the code below is free to use and modify as you wish.
Downloads:
WLSDecryptor.py
runwlst.sh
Script Runner: runwlst.sh
#!/bin/bash WORKDIR=$PWD export JAVA_HOME=/usr/java/latest if [ "$#" -lt 1 ] then echo "runwlst.sh[path to cfgfile]" exit fi export DOMAIN_DIR="$1" if [ "$#" -eq 2 ] then export CFGFILE="$2" fi . $DOMAIN_DIR/bin/setDomainEnv.sh echo "Starting wlst script" ${JAVA_HOME}/bin/java weblogic.WLST $WORKDIR/WLSDecryptor.py
Run this as:
./runwlst.sh <abs path to domain> [path to cfg file]
For example:
./runwlst.sh /WLSDomains/dom1
or to decrypt the jdbc connection xml
./runwlst.sh /WLSDomains/dom1 /WLSDomains/dom1/config/jdbc/dbpool.xml
Where dbpool.xml is the cfg file containing the jdbc connection information.
Script: WLSDecryptor.py
from weblogic.security.internal import * from weblogic.security.internal.encryption import * import os import sys from xml import sax from xml.sax import xmlreader, saxutils from xml.sax.handler import ContentHandler class wlsCfgParser(ContentHandler): """this runs through the wls file looking for tags with string 'encrypted' in them""" encStr="" def __init__(self,domainDir, cfgfile): assert(os.path.exists(domainDir)) if cfgfile == None: self.cfgfile=os.path.join(domainDir,"config","config.xml") else: self.cfgfile=cfgfile if os.path.exists(self.cfgfile): print "Decrypting :",self.cfgfile self.Parser = sax.make_parser() self.Parser.setContentHandler(self) self.decrypter = WeblogicDecrypter(domainDir) def parse(self): self.Parser.parse(open(self.cfgfile,"r")) def startElement(self,name,attrs): if name.lower().find("encrypted") >= 0: self.encStr="" def endElement(self,name): if name.lower().find("encrypted") >= 0: decryptStr = self.decrypter.decrypt(self.encStr) # print results: print "Tag Name: ",name print "Enc Str : ",self.encStr print "Dec Str : ",decryptStr def characters(self,data): self.encStr += saxutils.escape(data) class WeblogicDecrypter: decrypted = None ces = None def __init__(self, domainDir, encryptedStr=None): domainDirFullPath = os.path.abspath(domainDir) # get absolute path in case relative is passed self.ces = ClearOrEncryptedService(SerializedSystemIni.getEncryptionService(domainDirFullPath)) if encryptedStr != None: self.decrypted = self.ces.decrypt(encryptedStr) def decrypt(self, encryptedStr): self.decrypted= self.ces.decrypt(encryptedStr) return self.decrypted def __str__(self): return self.decrypted # wlst jython does not understand : if __name__ == '__main__': domainDir=os.getenv("DOMAIN_DIR") cfgfile=os.getenv("CFGFILE") print "Domain Dir: "+str(domainDir) if cfgfile != None: print "File to decr : "+str(cfgfile) wcp = wlsCfgParser(domainDir, cfgfile) wcp.parse() yesno=raw_input("Do you want to decrypt a custom encrypted string? [y/n]") if yesno != "y": sys.exit() encStr = raw_input("Enter encrypted Str [Q to quit]: ") wd40 = WeblogicDecrypter(domainDir) while encStr.lower() != "q": print wd40.decrypt(encStr) encStr = raw_input("Enter encrypted Str [Q to quit]: ")
Notes:
This script will decrypt each encrypted string, and at the end also asks for a custom encrypted string if there is one that you wish to decrypt that was not in the config.xml or whichever xml file that was passed.
No comments:
Post a Comment