Chinaunix首页 | 论坛 | 博客

我的天空

首页 |  博文目录 |  关于我

likewindy

  • 博客访问: 515586
  • 博文数量: 99
  • 博客积分: 2030
  • 博客等级: 大尉
  • 技术积分: 783
  • 用 户 组: 普通用户
  • 注册时间: 2006-08-12 09:11
文章分类

全部博文(99)

文章存档

2023年(2)

2022年(1)

2020年(1)

2019年(1)

2018年(4)

2017年(16)

2016年(60)

2015年(1)

2013年(3)

2006年(10)

我的朋友
最近访客
推荐博文
相关博文
WebLogic 密码破解

分类: Java

2017-01-22 11:08:25

一、准备

下载需要的jar包:1: sun.misc.BASE64Decoder.jar
        2: bcprov-ext-jdk16-1.46.jar

二、查找文件

查找SerializedSystemIni.dat 
第一步:weblogic的路径一般都在/oracle/weblogic/目录下
第二步:查找domain的路径:一般都配置在domain-registry.xml
第三步:$domain/security/ 目录下就是我们要找的SerializedSystemIni.dat文件了
第四步: $domain/config/jdbc/  
查找文件包含的内容,命令: grep -R "SerializedSystemIni.dat" * 命令来查找

三、解密

  1. import org.bouncycastle.jce.provider.BouncyCastleProvider;

  3. import Decoder.BASE64Decoder;

  5. import javax.crypto.*;
  6. import javax.crypto.spec.IvParameterSpec;
  7. import javax.crypto.spec.PBEKeySpec;
  8. import javax.crypto.spec.PBEParameterSpec;
  9. import javax.crypto.spec.SecretKeySpec;
  10. import java.io.FileInputStream;
  11. import java.io.IOException;
  12. import java.io.InputStream;
  13. import java.security.InvalidAlgorithmParameterException;
  14. import java.security.InvalidKeyException;
  15. import java.security.NoSuchAlgorithmException;
  16. import java.security.Security;
  17. import java.security.spec.InvalidKeySpecException;


  20. public class WebLogicPasswordDecryptor {

  22.     public static void main(String args[]) throws IOException, NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, InvalidKeySpecException, InvalidAlgorithmParameterException {

  24.         Security.addProvider(new BouncyCastleProvider());
  25.         //serializedSystemIniPath
  26. // String serializedSystemIniPath = args[0]; SerializedSystemIni.dat的路径
  27.         String serializedSystemIniPath="D:\\work\\weblogic\\SerializedSystemIni.dat";
  28. // String ciphertext = args[1]; 需要解密的字符串
  29.         String ciphertext="XXXXXXXXXX";
  30.         String cleartext = "";

  32.         if (ciphertext.startsWith("{AES}")){
  33.             ciphertext = ciphertext.replaceAll("^[{AES}]+", "");
  34.             cleartext = decryptAES(serializedSystemIniPath,ciphertext);
  35.         } else if (ciphertext.startsWith("{3DES}")){
  36.             ciphertext = ciphertext.replaceAll("^[{3DES}]+", "");
  37.             cleartext = decrypt3DES(serializedSystemIniPath, ciphertext);
  38.         }

  40.         System.out.println(cleartext);
  41.     }

  43.     public static String decryptAES(String SerializedSystemIni, String ciphertext) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, IOException {

  45.         byte[] encryptedPassword1 = new BASE64Decoder().decodeBuffer(ciphertext);
  46.         byte[] salt = null;
  47.         byte[] encryptionKey = null;

  49.         String key = "0xccb97558940b82637c8bec3c770f86fa3a391a56";

  51.         char password[] = new char[key.length()];

  53.         key.getChars(0, password.length, password, 0);

  55.         FileInputStream is = new FileInputStream(SerializedSystemIni);
  56.         try {
  57.             salt = readBytes(is);

  59.             int version = is.read();
  60.             if (version != -1) {
  61.                 encryptionKey = readBytes(is);
  62.                 if (version >= 2) {
  63.                     encryptionKey = readBytes(is);
  64.                 }
  65.             }
  66.         } catch (IOException e) {

  68.         }

  70.         SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWITHSHAAND128BITRC2-CBC");

  72.         PBEKeySpec pbeKeySpec = new PBEKeySpec(password, salt, 5);

  74.         SecretKey secretKey = keyFactory.generateSecret(pbeKeySpec);

  76.         PBEParameterSpec pbeParameterSpec = new PBEParameterSpec(salt, 0);

  78.         Cipher cipher = Cipher.getInstance("PBEWITHSHAAND128BITRC2-CBC");
  79.         cipher.init(Cipher.DECRYPT_MODE, secretKey, pbeParameterSpec);
  80.         SecretKeySpec secretKeySpec = new SecretKeySpec(cipher.doFinal(encryptionKey), "AES");

  82.         byte[] iv = new byte[16];
  83.         System.arraycopy(encryptedPassword1, 0, iv, 0, 16);
  84.         int encryptedPasswordlength = encryptedPassword1.length - 16 ;
  85.         byte[] encryptedPassword2 = new byte[encryptedPasswordlength];
  86.         System.arraycopy(encryptedPassword1, 16, encryptedPassword2, 0, encryptedPasswordlength);
  87.         IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
  88.         Cipher outCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
  89.         outCipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec);

  91.         byte[] cleartext = outCipher.doFinal(encryptedPassword2);

  93.         return new String(cleartext, "UTF-8");

  95.     }

  97.     public static String decrypt3DES(String SerializedSystemIni, String ciphertext) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, IOException {

  99.         byte[] encryptedPassword1 = new BASE64Decoder().decodeBuffer(ciphertext);
  100.         byte[] salt = null;
  101.         byte[] encryptionKey = null;

  103.         String PW = "0xccb97558940b82637c8bec3c770f86fa3a391a56";

  105.         char password[] = new char[PW.length()];

  107.         PW.getChars(0, password.length, password, 0);

  109.         FileInputStream is = new FileInputStream(SerializedSystemIni);
  110.         try {
  111.             salt = readBytes(is);

  113.             int version = is.read();
  114.             if (version != -1) {
  115.                 encryptionKey = readBytes(is);
  116.                 if (version >= 2) {
  117.                     encryptionKey = readBytes(is);
  118.                 }
  119.             }


  122.         } catch (IOException e) {

  124.         }

  126.         SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWITHSHAAND128BITRC2-CBC");

  128.         PBEKeySpec pbeKeySpec = new PBEKeySpec(password, salt, 5);

  130.         SecretKey secretKey = keyFactory.generateSecret(pbeKeySpec);

  132.         PBEParameterSpec pbeParameterSpec = new PBEParameterSpec(salt, 0);

  134.         Cipher cipher = Cipher.getInstance("PBEWITHSHAAND128BITRC2-CBC");
  135.         cipher.init(Cipher.DECRYPT_MODE, secretKey, pbeParameterSpec);
  136.         SecretKeySpec secretKeySpec = new SecretKeySpec(cipher.doFinal(encryptionKey),"DESEDE");

  138.         byte[] iv = new byte[8];
  139.         System.arraycopy(salt, 0, iv, 0, 4);
  140.         System.arraycopy(salt, 0, iv, 4, 4);

  142.         IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
  143.         Cipher outCipher = Cipher.getInstance("DESEDE/CBC/PKCS5Padding");
  144.         outCipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec);

  146.         byte[] cleartext = outCipher.doFinal(encryptedPassword1);
  147.         return new String(cleartext, "UTF-8");

  149.     }

  151.     public static byte[] readBytes(InputStream stream) throws IOException {
  152.         int length = stream.read();
  153.         byte[] bytes = new byte[length];
  154.         int in = 0;
  155.         int justread;
  156.         while (in < length) {
  157.             justread = stream.read(bytes, in, length - in);
  158.             if (justread == -1) {
  159.                 break;
  160.             }
  161.             in += justread;
  162.         }
  163.         return bytes;
  164.     }
  165. }

参见,这里是整合了一下
阅读(1072) | 评论(0) | 转发(0) |
0

上一篇:剖析MYSQL查询之一慢查询

下一篇:密码破解之王:Ophcrack彩虹表(Rainbow Tables)原理详解(附:120G彩虹表下载)

给主人留下些什么吧!~~
关于我们 | 关于IT168 | 联系方式 | 广告合作 | 法律声明 | 免费注册

Copyright 2001-2010 ChinaUnix.net All Rights Reserved 北京皓辰网域网络信息技术有限公司. 版权所有

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6