@@ -0,0 +1,199 @@
/*
* (C) 2012 MSRoth - msroth.wordpress.com
*
* recoverPW v2
*
* This code will decrypt BOF and database passwords. It will *NOT* decrypt
* inline user passwords.
*
* From the D6.5 EMC Documentum Content Server Administration Guide, p. 353:
* "Passwords encrypted with encryptPassword cannot be decrypted explicitly
* by an application or user."
*
* usage: c:>java recoverPW <password>
*
* aek.key file must exist in c:\documentum\config
*
*/
package com .dm_misc .recoverpw ;
import com .documentum .fc .client .impl .crypto .CryptoUtils ;
import com .documentum .fc .tools .RegistryPasswordUtils ;
import com .documentum .dmcl .impl .DmclApi ;
import com .documentum .web .formext .session .TrustedAuthenticatorTool ;
import com .documentum .web .formext .session .TrustedAuthenticatorUtils ;
import java .io .*;
public class RecoverPW {
private static final String AEK_PATH = "c:/documentum/config/aek.key" ;
private static boolean decrypted = false ;
private static String password = "" ;
public static void main (String args []) {
try {
if (args .length != 1 ) {
System .out .println ("usage: c:>java recoverPW <password>" );
System .exit (1 );
}
File file = new File (AEK_PATH );
if (!file .exists ()) {
System .out .println ("Could not find aek.key file. Please copy from Content Server to " + AEK_PATH );
System .exit (1 );
}
// get encrypted password from command line
password = args [0 ];
System .out .println ("\n Trying to decrypt '" + password + "'...\n " );
// try decrypting with BOF utils - shorter, base64 encoded passwords
try {
String clearText = "" ;
System .out .print ("\t BOF Utils ->\t \t \t \t " );
clearText = RegistryPasswordUtils .decrypt (password );
if ((clearText != null ) && (clearText .length () > 0 )) {
System .out .println ("'" + clearText + "'" );
decrypted = true ;
}
} catch (Exception e ) {
//e.printStackTrace();
System .out .println ("ERROR: " + e .getMessage ());
}
// try decrypting with API - longer, dm_encrypt_password passwords
try {
String clearText = "" ;
System .out .print ("\t API ->\t \t \t \t \t " );
DmclApi .getInstance ().exec ("initcrypto,c," + AEK_PATH );
clearText = DmclApi .getInstance ().get ("decrypttext,c,DM_ENCR_TEXT=" + password );
if ((clearText != null ) && (clearText .length () > 0 )) {
System .out .println ("'" + clearText + "'" );
decrypted = true ;
}
} catch (Exception e ) {
System .out .println ("ERROR: " + e .getMessage ());
//e.printStackTrace();
}
// try decrypting with CryptoUtils(Password)
try {
String clearText = "" ;
System .out .print ("\t CryptoUtils (password) ->\t \t " );
CryptoUtils c = CryptoUtils .getInstance ();
clearText = c .decryptPassword ("DM_ENCR_PASS=" + password );
if ((clearText != null ) && (clearText .length () > 0 )) {
System .out .println ("'" + clearText + "'" );
decrypted = true ;
}
} catch (Exception e ) {
System .out .println ("ERROR: " + e .getMessage ());
//e.printStackTrace();
}
// try decrypting with CryptoUtils(Text)
try {
String clearText = "" ;
System .out .print ("\t CryptoUtils (text) ->\t \t \t " );
CryptoUtils c = CryptoUtils .getInstance ();
clearText = c .decryptText ("DM_ENCR_TEXT=" + password , "p6lo3ly1oj5ne&" );
if ((clearText != null ) && (clearText .length () > 0 )) {
System .out .println ("'" + clearText + "'" );
decrypted = true ;
}
} catch (Exception e ) {
System .out .println ("ERROR: " + e .getMessage ());
//e.printStackTrace();
}
// try WDK DES
try {
String clearText = "" ;
System .out .print ("\t TrustedAuthenticatorUtils (DES) ->\t " );
clearText = TrustedAuthenticatorUtils .decryptByDES (password );
if ((clearText != null ) && (clearText .length () > 0 )) {
System .out .println ("'" + clearText + "'" );
decrypted = true ;
}
} catch (Exception e ) {
System .out .println ("ERROR: " + e .getMessage ());
//e.printStackTrace();
}
// try WDK decrypt
try {
String clearText = "" ;
System .out .print ("\t TrustedAuthenticatorUtils (decrypt) ->\t " );
clearText = TrustedAuthenticatorUtils .decrypt (password );
if ((clearText != null ) && (clearText .length () > 0 )) {
System .out .println ("'" + clearText + "'" );
decrypted = true ;
}
} catch (Exception e ) {
System .out .println ("ERROR: " + e .getMessage ());
//e.printStackTrace();
}
// try WDK Authenticator Tool - just uses TrustedAuthenticatorUtils to encrypt
// This will never decrypt, running the main() only does encrypt.
try {
System .out .print ("\t WDK authenticator tool -> \t \t " );
// create a stream to hold the output since WDK authenticator tool
// prints to console
ByteArrayOutputStream baos = new ByteArrayOutputStream ();
PrintStream ps = new PrintStream (baos );
PrintStream old = System .out ;
System .setOut (ps );
// call tool to decrypt text
TrustedAuthenticatorTool .main (new String []{password });
// put things back
System .out .flush ();
System .setOut (old );
// see what happened
String clearText = baos .toString ();
int idx = clearText .indexOf ("Decrypted:" );
if (idx > 0 ) {
clearText = clearText .substring (idx + "Decrypted: [" .length (), clearText .length () - 3 );
System .out .println ("'" + clearText + "'" );
if (clearText .equalsIgnoreCase (password )) {
decrypted = false ;
} else {
decrypted = true ;
}
} else {
System .out .println ("ERROR: could not decrypt with WDK Authenticator Tool" );
}
} catch (Exception e ) {
System .out .println ("ERROR: " + e .getMessage ());
//e.printStackTrace();
}
} catch (Exception e ) {
System .out .println ("General Error: " + e .getMessage ());
// e.printStackTrace();
}
System .out .println ();
if (!decrypted ) {
System .out .println ("\n Sorry, could not decrypt '" + password + "'." );
}
System .out .println ("Done." );
}
}
/*
* <SDG><
*/
h3xstream revised this gist