WebLogic Password Recovery

There are many blogs out there providing various methods to recover WebLogic password below method is the easiest of the all.

First we need to know DOMAIN_HOME directory. My OMS is located in “/u02/Middleware/oms”. You can find yours if you read “/etc/oragchomelist”. If the full path of OMS is “/u02/Middleware/oms”, my middleware home is “/u02/Middleware/”. Under my middleware home, I need to go GCDomains folder

2	oracle@db-cloud /$ cd /u02/Middleware oracle@db-cloud Middleware$ cd gc_inst/user_projects/domains/GCDomain

First let’s get the encrypted information from boot.properties file:

oracle@db-cloud GCDomain$ cat servers/EMGC_ADMINSERVER/security/boot.properties

 

# Generated by Configuration Wizard on Wed Jun 04 10:22:47 EEST 2014

username={AES}nPuZvKIMjH4Ot2ZiiaSVT/RKbyBA6QITJE6ox56dHvk=

password={AES}krCf4h1du93tJOQcUg0QSoKamuNYYuGcAao1tFvHxzc=

The encrypted information starts with {AES} and ends with equal (=) sign. To decrypt the username and password, we will create a simple java application:

3 4 5 6 7 8 9 10

oracle@db-cloud GCDomain$ cat recoverpassword.java public class recoverpassword { public static void main(String[] args) {   System.out.println(   new weblogic.security.internal.encryption.ClearOrEncryptedService(   weblogic.security.internal.SerializedSystemIni.getEncryptionService(args[0]    )).decrypt(args[1]));   } }

Save it as “recoverpassword.java”. To be able to compile (and run) it, we need to set environment variables (we’re still in GCDomain folder). We’ll give the encrypted part as the last parameter:

1 2 3 4 5 6

oracle@db-cloud GCDomain$ . bin/setDomainEnv.sh oracle@db-cloud GCDomain$ javac recoverpassword.java oracle@db-cloud GCDomain$ java -cp $CLASSPATH:. recoverpassword \ $DOMAIN_HOME {AES}nPuZvKIMjH4Ot2ZiiaSVT/RKbyBA6QITJE6ox56dHvk= oracle@db-cloud GCDomain$ java -cp $CLASSPATH:. recoverpassword \ $DOMAIN_HOME {AES}krCf4h1du93tJOQcUg0QSoKamuNYYuGcAao1tFvHxzc=

When we run the last two commands, we should see the weblogic administrator username and password in plain text. By the way, even if you use the same password with me, you may see different encrypted text because when encrypting and decrypting, weblogic uses the cypher key stored in “security/SerializedSystemIni.dat” file. So as long as the cypher key is different, you get different encrypted text for even same input.

Thanks to :http://www.gokhanatil.com/2015/03/how-to-recover-weblogic-administration-password-of-enterprise-manager.html