miglen/WLST_decrypt.sh

## WLST_decrypt.sh
#!/bin/bash

#####################################################################
# This scipt is for decryption of lost username & password          #
# located in boot.properties files of Managed & Admin Servers       #
# in WebLogic Server.                                               #
#                                                                   #
# It scans for boot.properties files and decrypt their content      #
# using integrated WLST scripting and SerializedSystemIni.dat       #
#                                                                   #
# @title: WebLogic boot.properties decrypter                        #
# @author: Miglen Evlogive <wlst@miglen.com>                        #
# @date: 20/05/2013                                                 #
#                                                                   #
#####################################################################


DOMAINDIR="/opt/Middleware/WebLogic/user_projects/domains/wls_domain_02"
#
# Find all boot.properties files in manage servers in the domain directory
# Excluding AdminServer directory, because he uses specific password
find $DOMAINDIR -iname boot.properties 2>/dev/null | egrep "servers/.*/security/boot\.properties$" | grep -v Admin

FILEHASH=$(tr -dc "[:alpha:]" < /dev/urandom | head -c 12)

#script plan:
  #functions
    #decryption
   # temp file creation

  #action

#actions:
#1. scan for appropriate boot.properties files
#2. create temporary files (python & data, decrupted data)
#3. decrypting proccess > decrypted.data
#4. echo the results from decrypted.data


#Creating the temporary files
touch /tmp/wlstdecrypt.$FILEHASH.data /tmp/wlstdecrypt.$FILEHASH.py /tmp/wlstdecrypt.$FILEHASH.decrypt

#Creating the needed python file
PYFILEDATA="import os\nimport weblogic.security.internal.SerializedSystemIni\nimport weblogic.security.internal.encryption.ClearOrEncryptedService\n\ndef decrypt(domainHomeName, encu, encp):\n    domainHomeAbsolutePath = os.path.abspath(domainHomeName)\n    encryptionService = weblogic.security.internal.SerializedSystemIni.getEncryptionService(domainHomeAbsolutePath)\n    ces = weblogic.security.internal.encryption.ClearOrEncryptedService(encryptionService)\n    print \"@username: \" + ces.decrypt(encu) + \"\\\n@password: \" + ces.decrypt(encp)\n  \n	\ntry:\n    if len(sys.argv) == 4:\n        decrypt(sys.argv[1], sys.argv[2], sys.argv[3])\n    else:\n        print \"@ERROR: NOW USER & PASSWORD\"\n\nexcept:\n    print \"@ERROR\", sys.exc_info()[0]\n    dumpStack()\n    raise"
echo -e $PYFILEDATA > /tmp/wlstdecrypt.$FILEHASH.py


#rm -rf /tmp/wlstdecrypt.$FILEHASH.py /tmp/wlstdecrypt.$FILEHASH.decrypt /tmp/wlstdecrypt.$FILEHASH.data
	#!/bin/bash

	#####################################################################
	# This scipt is for decryption of lost username & password #
	# located in boot.properties files of Managed & Admin Servers #
	# in WebLogic Server. #
	# #
	# It scans for boot.properties files and decrypt their content #
	# using integrated WLST scripting and SerializedSystemIni.dat #
	# #
	# @title: WebLogic boot.properties decrypter #
	# @author: Miglen Evlogive <wlst@miglen.com> #
	# @date: 20/05/2013 #
	# #
	#####################################################################



	DOMAINDIR="/opt/Middleware/WebLogic/user_projects/domains/wls_domain_02"
	#
	# Find all boot.properties files in manage servers in the domain directory
	# Excluding AdminServer directory, because he uses specific password
	find $DOMAINDIR -iname boot.properties 2>/dev/null \| egrep "servers/.*/security/boot\.properties$" \| grep -v Admin

	FILEHASH=$(tr -dc "[:alpha:]" < /dev/urandom \| head -c 12)

	#script plan:
	#functions
	#decryption
	# temp file creation

	#action

	#actions:
	#1. scan for appropriate boot.properties files
	#2. create temporary files (python & data, decrupted data)
	#3. decrypting proccess > decrypted.data
	#4. echo the results from decrypted.data




	#Creating the temporary files
	touch /tmp/wlstdecrypt.$FILEHASH.data /tmp/wlstdecrypt.$FILEHASH.py /tmp/wlstdecrypt.$FILEHASH.decrypt

	#Creating the needed python file
	PYFILEDATA="import os\nimport weblogic.security.internal.SerializedSystemIni\nimport weblogic.security.internal.encryption.ClearOrEncryptedService\n\ndef decrypt(domainHomeName, encu, encp):\n domainHomeAbsolutePath = os.path.abspath(domainHomeName)\n encryptionService = weblogic.security.internal.SerializedSystemIni.getEncryptionService(domainHomeAbsolutePath)\n ces = weblogic.security.internal.encryption.ClearOrEncryptedService(encryptionService)\n print \"@username: \" + ces.decrypt(encu) + \"\\\n@password: \" + ces.decrypt(encp)\n \n \ntry:\n if len(sys.argv) == 4:\n decrypt(sys.argv[1], sys.argv[2], sys.argv[3])\n else:\n print \"@ERROR: NOW USER & PASSWORD\"\n\nexcept:\n print \"@ERROR\", sys.exc_info()[0]\n dumpStack()\n raise"
	echo -e $PYFILEDATA > /tmp/wlstdecrypt.$FILEHASH.py




	#rm -rf /tmp/wlstdecrypt.$FILEHASH.py /tmp/wlstdecrypt.$FILEHASH.decrypt /tmp/wlstdecrypt.$FILEHASH.data