WebSphere encrypts the user passwords using a simple XOR encryption. Here are routines to decrypt in various languages:
Python 2:
- import base64
- def xorDecrypt(p):
- return "".join(map(chr, map(lambda x : ord(x) ^ 0x5F, base64.b64decode(p))))
Python 3: Note that ord() function in Python 3 expects a Unicode character.
- import base64
- def xorDecrypt(p):
- return "".join(map(chr, map(lambda x : ord(x) ^ 0x5F, base64.b64decode(p).decode())))
Perl 5:
- use MIME::Base64;
- join('', map { chr(ord($_) ^ 0x5f); } split('', decode_base64($password)))
PHP 5:
- function xorDecrypt($xor)
- {
- $z = '';
- foreach (str_split(base64_decode($xor)) as $c) $z .= chr(ord($c) ^ 0x5f);
- return $z;
- }
PowerShell:
- function DecryptPassword
- {
- param(
- [string]$encoded
- )
- if ($encoded.ToLower().StartsWith('{xor}')) {
- $enPswd = $encoded.Substring(5)
- }
- else {
- $enPswd = $encoded
- }
- $dePswd = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($enPswd))
- $clPswd = ''
- for ($i = 0; $i -lt $dePswd.Length; $i++) {
- $clPswd += [char]([int][char]($dePswd.Substring($i, 1)) -bxor 0x5f)
- }
- return $clPswd;
- }
Java:
- import java.util.Base64;
- public static String xorDecode(String s)
- {
- String n;
- if (s.startsWith("{xor}")) {
- n = s.substring(5);
- }
- else {
- n = s;
- }
- byte[] decoded = Base64.getDecoder().decode(n);
- byte[] decrypted = new byte[decoded.length];
- for (int i = 0; i < decoded.length; i++) {
- decrypted[i] = (byte) ((int) decoded[i] ^ 0x5f);
- }
- return new String(decrypted, "UTF-8");
- }
No comments:
Post a Comment