weblogic密码忘记破解方法

package com.test.tool; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.security.spec.InvalidKeySpecException; import java.util.*; import java.io.*; import javax.crypto.BadPaddingException; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.PBEParameterSpec; import javax.crypto.spec.SecretKeySpec; import javax.xml.parsers.*; import javax.xml.xpath.*; import org.w3c.dom.*; import com.certicom.tls.provider.Cipher; import weblogic.security.internal.*; // requires weblogic.jar in the class path import weblogic.security.internal.encryption.*; import weblogic.utils.encoders.BASE64Decoder; /** * * weblogic密码忘记破解方法 * 获取到weblogic安装目录下的两个文件 SerializedSystemIni.dat、 boot.properties * (weblogic8上面两个文件在的bea/user_projects/domains/mydomain 目录下) * (welogic10 SerializedSystemIni.dat在bea/user_projects/domains/base_domain/security中) * (welogic10 boot.properties在bea/user_projects/domains/base_domain/servers/AdminServer/security中) * 加入weblogic.jar （weblogic安装目录中寻找，不同版本有可能不同）文件添加至构建路径， * welogic10如果运行还缺少别的类可以把weblogic的/wlserver_10.3/server/lib下的jar都添加到构建路径 * @author * */ public class WebLogicDecryptor { private static final String PREFIX = "{AES}"; // private static final String PREFIX = "{3DES}"; private static final String XPATH_EXPRESSION = "//node()[starts-with(text(), '" + PREFIX + "')] | //@*[starts-with(., '" + PREFIX + "')]"; private static ClearOrEncryptedService ces; public static void main(String[] args) throws Exception { String[] arg = {"D:/WebLogicDecryptor","D:/WebLogicDecryptor/boot.properties"}; ces = new ClearOrEncryptedService(SerializedSystemIni.getEncryptionService(new File(arg[0]).getAbsolutePath())); File file = new File(arg[1]); if (file.getName().endsWith(".xml")) { processXml(file); }else if (file.getName().endsWith(".properties")) { processProperties(file); } } private static void processXml(File file) throws Exception { Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(file); XPathExpression expr = XPathFactory.newInstance().newXPath().compile(XPATH_EXPRESSION); NodeList nodes = (NodeList) expr.evaluate(doc, XPathConstants.NODESET); for (int i = 0; i < nodes.getLength(); i++) { Node node = nodes.item(i); print(node.getNodeName(), node.getTextContent()); } } private static void processProperties(File file) throws Exception { Properties properties = new Properties(); properties.load(new FileInputStream(file)); for (Map.Entry p : properties.entrySet()) { if (p.getValue().toString().startsWith(PREFIX)) { print(p.getKey(), p.getValue()); } } } private static void print(Object attributeName, Object encrypted) { System.out.println("Node name: " + attributeName); System.out.println("Encrypted: " + encrypted); System.out.println("Decrypted: " + ces.decrypt((String) encrypted) + "\n"); } }