Skip to content
/ was_xor_decode Public

Decodes xor'ed passwords stored in the security.xml for Websphere Application Server (and related products)

License

MIT license
6 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

digital-shokunin/was_xor_decode

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
xor_decode.py
xor_decode.py
 
 

Repository files navigation

was_xor_decode

Decodes xor'ed passwords stored in the security.xml for Websphere Application Server (and related products) so you don't have to trust websites with your passwords, which may be blocked at your workplace anyway.

Can be run in python or wsadmin.sh using jython

###Usage:

xor_decode.py <xor string>

Example: wsadmin.sh -lang jython -f xor_decode.py {xor}Lz4sLCgwLTs=

or

Example: python xor_decode.py {xor}Lz4sLCgwLTs=

###Command to easily find passwords(on Unix/Linux):

ps -eaf |grep java |grep com.ibm.ws | awk '{for(i=1;i<=NF;i++){if ($i ~ /user\.install\.root/){print $i}}}' | awk -F'=' '{print $2}' |xargs -I % find % -name "security.xml" -exec grep {xor} '{}' \; | awk '{for(i=1;i<=NF;i++){if ($i ~ /password/){print $i}}}'

About

Decodes xor'ed passwords stored in the security.xml for Websphere Application Server (and related products)

Resources

Readme

License

MIT license
Activity

Stars

6 stars

Watchers

2 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages