原文ip:https://blog.csdn.net/daohengshangqian/article/details/40449975/
- 1 运行脚本加载环境变量
- [root@localhost dao]# . /bea/wlserver_10.3/server/bin/setWLSEnv.sh
- CLASSPATH=/bea/patch_wls1035/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/bea/patch_ocp360/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/java6/lib/tools.jar:/bea/wlserver_10.3/server/lib/weblogic_sp.jar:/bea/wlserver_10.3/server/lib/weblogic.jar:/bea/modules/features/weblogic.server.modules_10.3.5.0.jar:/bea/wlserver_10.3/server/lib/webservices.jar:/bea/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/bea/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar:
- PATH=/bea/wlserver_10.3/server/bin:/bea/modules/org.apache.ant_1.7.1/bin:/java6/jre/bin:/java6/bin:/java6/bin:/usr/lib64/qt-3.3/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
- Your environment has been set.
- 2 随便创建一个文件夹
- mdir /root/dao
- 3 编写破解程序
- [root@localhost dao]# vi Decrypt.java
- import weblogic.security.internal.*;
- import weblogic.security.internal.encryption.*;
- import java.io.PrintStream;
- public class Decrypt {
- static EncryptionService es = null;
- static ClearOrEncryptedService ces = null;
- public static void main(String[] args) {
- String s = null;
- if (args.length == 0) {
- s = ServerAuthenticate.promptValue("Password: ", false);
- } else if (args.length == 1) {
- s = args[0];
- } else {
- System.err.println("Usage: java Decrypt [ password ]");
- }
- es = SerializedSystemIni.getExistingEncryptionService();
- if (es == null) {
- System.err.println("Unable to initialize encryption service");
- return;
- }
- ces = new ClearOrEncryptedService(es);
- if (s != null) {
- System.out.println("\nDecrypted Password is:" + ces.decrypt(s));
- }
- }
- }
- "Decrypt.java" 36L, 926C written
- 4 编译破译程序
- [root@localhost dao]# javac Decrypt.java
- 5 找到并打开之前的boot.properties文件
- [root@localhost security]# pwd
- /bea/user_projects/domains/dao_domain/servers/AdminServer/security
- [root@localhost security]# cat boot.properties
- #Sat Oct 25 16:38:26 CST 2014
- password={AES}SpPRq9UhXCWaErKCSOdM+bh0BmgsU6HvEVvrPXUXhds\=
- username={AES}oxOi8NphVlB9ndOoInQcTu27PM/P+s3doyMcBZGqtWk\=
- 6 运行java 破解boot.properties的内容
- [root@localhost dao]# java Decrypt {AES}oxOi8NphVlB9ndOoInQcTu27PM/P+s3doyMcBZGqtWk\=
- Decrypted Password is:weblogic
- [root@localhost dao]# java Decrypt {AES}SpPRq9UhXCWaErKCSOdM+bh0BmgsU6HvEVvrPXUXhds\=
- Decrypted Password is:weblogic1