Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Decrypting Jenkins Password
#To Decrypt Jenkins Password from credentials.xml
#<username>jenkins</username>
#<passphrase>your-sercret-hash-S0SKVKUuFfUfrY3UhhUC3J</passphrase>
#go to the jenkins url
http://jenkins-host/script
#In the console paste the script
hashed_pw='your-sercret-hash-S0SKVKUuFfUfrY3UhhUC3J'
passwd = hudson.util.Secret.decrypt(hashed_pw)
println(passwd)
@eeichinger

This comment has been minimized.

Copy link

eeichinger commented Oct 19, 2016

# encrypt a password
pw='MyPassword1234'
passwd_enc = hudson.util.Secret.fromString(pw).getEncryptedValue()
println(passwd_enc)
@fjlopezs

This comment has been minimized.

Copy link

fjlopezs commented Jan 20, 2017

String key = "Vo1hb2DfqHO5U0AdneAmVon1B54VLZr6+2I1AoeONhw="
def secret = hudson.util.Secret.fromString(key)
println(secret.getPlainText())

  • This key is just an example, if you try, you would get a null value since this key was encrypted with a secret hash. Each installation of Jenkins has a different secret file that is utilized for decrypt each password.
  • There are hashes exist with and without curly braces. If your key contains curly braces you must include this in key variable.
@croccio

This comment has been minimized.

Copy link

croccio commented Feb 20, 2017

this print null
#In the console paste the script hashed_pw='your-sercret-hash-S0SKVKUuFfUfrY3UhhUC3J' passwd = hudson.util.Secret.decrypt(hashed_pw) println(passwd)

and this print the key

String key = "Vo1hb2DfqHO5U0AdneAmVon1B54VLZr6+2I1AoeONhw=" def secret = hudson.util.Secret.fromString(key) println(secret.getPlainText())

how can I do to devcode password?

@zigarn

This comment has been minimized.

Copy link

zigarn commented Jul 25, 2017

@croccio: You need to keep the curly braces

hashed_pw='{Vo1hb2DfqHO5U0AdneAmVon1B54VLZr6+2I1AoeONhw=}'
passwd = hudson.util.Secret.decrypt(hashed_pw)
println(passwd)

# Or

String key = "{Vo1hb2DfqHO5U0AdneAmVon1B54VLZr6+2I1AoeONhw=}"
def secret = hudson.util.Secret.fromString(key)
println(secret.getPlainText())
@thatsk

This comment has been minimized.

Copy link

thatsk commented Oct 10, 2017

its not working it can print the string which you have provided good try

@hughsaunders

This comment has been minimized.

Copy link

hughsaunders commented Jan 8, 2018

You can also find the encrypted key by inspecting the default value in the credentials update form.

@vijayg92

This comment has been minimized.

Copy link

vijayg92 commented Feb 23, 2018

How to decrypt credentials stored as a secret file?

@egr-ext

This comment has been minimized.

Copy link

egr-ext commented Mar 9, 2018

@vijayg92 have you find a solution for a secret file stored in credentials.xml ?

@fjlopezs

This comment has been minimized.

Copy link

fjlopezs commented Apr 19, 2018

@vijayg92 , @egr-ext
I use the code that I've posted before.

@bencoughlan

This comment has been minimized.

Copy link

bencoughlan commented Jun 5, 2018

remember that this needs the "="

i.e.

if
KEY_PASSWORD=tmdHc/YjAIu1O/XxwnyLTjgHIK1h95JwpskSy23Khj5

then

String key = "tmdHc/YjAIu1O/XxwnyLTjgHIK1h95JwpskSy23Khj5="
def secret = hudson.util.Secret.fromString(key)
println(secret.getPlainText())
@sigmunau

This comment has been minimized.

Copy link

sigmunau commented Aug 29, 2018

@vijayg92 , @egr-ext This works for me:

println(new String(com.cloudbees.plugins.credentials.SecretBytes.fromString("{....}").getPlainData(), "ASCII"))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.