import org.bouncycastle.jce.provider.BouncyCastleProvider;

import sun.misc.BASE64Decoder;

import javax.crypto.*;

import javax.crypto.spec.IvParameterSpec;

import javax.crypto.spec.PBEKeySpec;

import javax.crypto.spec.PBEParameterSpec;

import javax.crypto.spec.SecretKeySpec;

import java.io.FileInputStream;

import java.io.IOException;

import java.io.InputStream;

import java.security.InvalidAlgorithmParameterException;

import java.security.InvalidKeyException;

import java.security.NoSuchAlgorithmException;

import java.security.Security;

import java.security.spec.InvalidKeySpecException;

public class WebLogicPasswordDecryptor {

    public static void main(String args[]) throws IOException, NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, InvalidKeySpecException, InvalidAlgorithmParameterException {

        Security.addProvider(new BouncyCastleProvider());

        String serializedSystemIniPath = args[0];

        String ciphertext = args[1];

        String cleartext = "";

        if (ciphertext.startsWith("{AES}")){

            ciphertext = ciphertext.replaceAll("^[{AES}]+", "");

            cleartext = decryptAES(serializedSystemIniPath,ciphertext);

        } else if (ciphertext.startsWith("{3DES}")){

            ciphertext = ciphertext.replaceAll("^[{3DES}]+", "");

            cleartext = decrypt3DES(serializedSystemIniPath, ciphertext);

        }

        System.out.println(cleartext);

    }

    public static String decryptAES(String SerializedSystemIni, String ciphertext) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, IOException {

        byte[] encryptedPassword1 = new BASE64Decoder().decodeBuffer(ciphertext);

        byte[] salt = null;

        byte[] encryptionKey = null;

        String key = "0xccb97558940b82637c8bec3c770f86fa3a391a56";

        char password[] = new char[key.length()];

        key.getChars(0, password.length, password, 0);

        FileInputStream is = new FileInputStream(SerializedSystemIni);

        try {

            salt = readBytes(is);

            int version = is.read();

            if (version != -1) {

                encryptionKey = readBytes(is);

                if (version >= 2) {

                    encryptionKey = readBytes(is);

                }

            }

        } catch (IOException e) {

        }

        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWITHSHAAND128BITRC2-CBC");

        PBEKeySpec pbeKeySpec = new PBEKeySpec(password, salt, 5);

        SecretKey secretKey = keyFactory.generateSecret(pbeKeySpec);

        PBEParameterSpec pbeParameterSpec = new PBEParameterSpec(salt, 0);

        Cipher cipher = Cipher.getInstance("PBEWITHSHAAND128BITRC2-CBC");

        cipher.init(Cipher.DECRYPT_MODE, secretKey, pbeParameterSpec);

        SecretKeySpec secretKeySpec = new SecretKeySpec(cipher.doFinal(encryptionKey), "AES");

        byte[] iv = new byte[16];

        System.arraycopy(encryptedPassword1, 0, iv, 0, 16);

        int encryptedPasswordlength = encryptedPassword1.length - 16 ;

        byte[] encryptedPassword2 = new byte[encryptedPasswordlength];

        System.arraycopy(encryptedPassword1, 16, encryptedPassword2, 0, encryptedPasswordlength);

        IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);

        Cipher outCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");

        outCipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec);

        byte[] cleartext = outCipher.doFinal(encryptedPassword2);

        return new String(cleartext, "UTF-8");

    }

    public static String decrypt3DES(String SerializedSystemIni, String ciphertext) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, IOException {

        byte[] encryptedPassword1 = new BASE64Decoder().decodeBuffer(ciphertext);

        byte[] salt = null;

        byte[] encryptionKey = null;

        String PW = "0xccb97558940b82637c8bec3c770f86fa3a391a56";

        char password[] = new char[PW.length()];

        PW.getChars(0, password.length, password, 0);

        FileInputStream is = new FileInputStream(SerializedSystemIni);

        try {

            salt = readBytes(is);

            int version = is.read();

            if (version != -1) {

                encryptionKey = readBytes(is);

                if (version >= 2) {

                    encryptionKey = readBytes(is);

                }

            }

        } catch (IOException e) {

        }

        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWITHSHAAND128BITRC2-CBC");

        PBEKeySpec pbeKeySpec = new PBEKeySpec(password, salt, 5);

        SecretKey secretKey = keyFactory.generateSecret(pbeKeySpec);

        PBEParameterSpec pbeParameterSpec = new PBEParameterSpec(salt, 0);

        Cipher cipher = Cipher.getInstance("PBEWITHSHAAND128BITRC2-CBC");

        cipher.init(Cipher.DECRYPT_MODE, secretKey, pbeParameterSpec);

        SecretKeySpec secretKeySpec = new SecretKeySpec(cipher.doFinal(encryptionKey),"DESEDE");

        byte[] iv = new byte[8];

        System.arraycopy(salt, 0, iv, 0, 4);

        System.arraycopy(salt, 0, iv, 4, 4);

        IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);

        Cipher outCipher = Cipher.getInstance("DESEDE/CBC/PKCS5Padding");

        outCipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec);

        byte[] cleartext = outCipher.doFinal(encryptedPassword1);

        return new String(cleartext, "UTF-8");

    }

    public static byte[] readBytes(InputStream stream) throws IOException {

        int length = stream.read();

        byte[] bytes = new byte[length];

        int in = 0;

        int justread;

        while (in < length) {

            justread = stream.read(bytes, in, length - in);

            if (justread == -1) {

                break;

            }

            in += justread;

        }

        return bytes;

    }

}

代码如上(https://github.com/sevck/WebLogicPasswordDecryptor)

还需要:需要下载一个bcprov-ext-jdk16-146.jar包,拷贝到$PATH\jre\lib\ext\

环境配置:修改C:\Program Files\Java\jdk1.7.0_55\jre\lib\security\java.security文件,增加一行
security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider

然后就是编译JAVA文件,输入bat和密钥:

weblogic解密工具的更多相关文章

  1. 自己写的AES和RSA加密解密工具

    package com.sdyy.common.utils; import java.security.Key; import java.security.KeyFactory; import jav ...

  2. 【Java】通过DES加密和解密工具,对字符串进行加密和解密操作

    分享一个非常不错的字符串加密和解密的程序. 可以指定不同的密钥对同一字符串进行不同的加密操作,增强加密性能. Java代码如下: package com.app; import java.securi ...

  3. RSA加解密工具类RSAUtils.java,实现公钥加密私钥解密和私钥解密公钥解密

    package com.geostar.gfstack.cas.util; import org.apache.commons.codec.binary.Base64; import javax.cr ...

  4. RSA加密和解密工具类

    import org.apache.commons.codec.binary.Base64; import javax.crypto.Cipher; import java.security.*; i ...

  5. 使用jframe编写一个base64加密解密工具

    该工具可以使用exe4j来打包成exe工具(如何打包自己百度) 先上截图功能 运行main方法后,会弹出如下窗口 输入密文 然后点击解密,在点格式化 代码分享 package tools;import ...

  6. Base64加密解密工具类

    使用Apache commons codec类Base64进行加密解密 maven依赖 <dependency> <groupId>commons-codec</grou ...

  7. PHP 神盾解密工具

    前两天分析了神盾的解密过程所用到的知识点,昨晚我把工具整理了下,顺便用神盾加密了.这都是昨天说好的,下面看下调用方法吧. 先下载 decryption.zip然后解压放到一个文件夹里,把你要解密的文件 ...

  8. Java中的AES加解密工具类:AESUtils

    本人手写已测试,大家可以参考使用 package com.mirana.frame.utils.encrypt; import com.mirana.frame.constants.SysConsta ...

  9. Java中的RSA加解密工具类:RSAUtils

    本人手写已测试,大家可以参考使用 package com.mirana.frame.utils.encrypt; import com.mirana.frame.utils.log.LogUtils; ...

随机推荐

  1. Hibernate解决n+1问题

    观点:对于n+1问题的理解. 一般而言说n+1意思是,无论在一对多还是多对一当查询出n条数据之后,每条数据会关联的查询1次他的关联对象,这就叫做n+1. 但是我的理解是,本来所有信息可以一次性查询出来 ...

  2. 纯CSS实现nav导航栏+jQuery实现article区DIV切换

    效果图: main.html 代码: <!DOCTYPE html> <html> <head> <title>MyHomepage</title ...

  3. declare和typeset DEMO

    declare=typeset,用法完成相同. declare不指定变量:显示所有变量的值. -r选项,把指定变量定义为只读变量: [xiluhua@vm-xiluhua][~]$ declare - ...

  4. linux下对sh文件的操作

    1.创建test.sh文件 touch test.sh 2.编辑sh文件 vi test.sh(i:插入 | esc:退出insert模式 | wq+回车:退出) 3.保存退出 敲击esc, 然后输入 ...

  5. Window驱动开发

    驱动开发 参考文章: Windbg+Vmware驱动调试 http://blog.csdn.net/xuepiaosong/article/details/8236702 驱动调试攻略(WinDbg) ...

  6. hdwiki中模板和标签的使用

    MVC中的视图view 主要负责页面显示部分,所有的页面显示全部在此实现,视图对整个页面负责,它通过control的调用来显示页面和数据. ......视图(view)类template.class. ...

  7. java UUID

    UUID是Universally Unique Identifier的缩写,它是在一定的范围内(从特定的名字空间到全球)唯一的机器生成的标识符.UUID具有以下涵义: 经由一定的算法机器生成 为了保证 ...

  8. python 入门教程

    转载自:http://www.crifan.com/files/doc/docbook/python_beginner_tutorial/release/html/python_beginner_tu ...

  9. JavaScript DOM 编程艺术(第2版)读书笔记(2)

    JavaScript 语法 注释 单行注释:// 多行注释:/* */ "<!--"可以用作单行注释,由于和HTML的"<!--  -->"多 ...

  10. string xml json格式区别

    string 是一种最普通的储存一串字符的数据格式 xml 是一种可扩展标记语言,它可以用来标记数据.定义数据类型,是一种允许用户对自己的标记语言进行定义的源语言. 它非常适合万维网传输,提供统一的方 ...