Child pages
  • How to hack an ODI supervisor password
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

Oracle Data Integrator (ODI) agents and Studio clients need a database connection to the ODI repository and a supervisor password to connect. In case this password ist lost, it can be engineered in clear-text from the hash stored locally.

Decrypt an ODI / Weblogic password hash

[oracle@s-001-lin-t-db ~]$ /u01/Middleware/Oracle_Home/oracle_common/common/bin/wlst.sh decrypt.py
Initializing WebLogic Scripting Tool (WLST) ...
Jython scans all the jar files it can find at first startup. Depending on the system, this process may take a few minutes to complete, and WLST may not return a prompt right away.
Welcome to WebLogic Server Administration Scripting Shell Type help() for help on available commands
Provide Domain Home location: /u01/Middleware/Oracle_Home/user_projects/domains/base_domain Provide encrypted password or username (e.g.: {AES}jNdVLr...): {AES} v2O+vXXXXnmQ7TXXXTUu6pdXXX1wTXs/+XXXyxBQGuQ=
Make sure that nobody is staying behind you :-) Press ENTER to see the password ...
Value in cleartext is: secret

You need the script decrypt.py, which can be found at Dirk Nachbars site or here.

Encrypt an ODI / Weblogic password

[oracle@s-001-lin-t-db base_domain]$ java -cp /u01/Middleware/Oracle_Home/wlserver/server/lib/weblogic.jar weblogic.security.Encrypt secret
{AES} v2O+vXXXXnmQ7TXXXTUu6pdXXX1wTXs/+XXXyxBQGuQ=



See also:

  • No labels