IBM WebSphere Application Server (WAS) password decoder

08 Mar 2014

Recently I was on a job where we needed to decode a WAS password. I found it a bit troublesome to do it as IBM suggests, requiring you to use classes from the WebSphere jar files. I wrote a simple python script which can decode these passwords easily.

The IBM way of decoding is as follows:

java -cp ws_runtime.jar com.ibm.ws.security.util.PasswordDecoder {xor}Lz4sLCgwLTs=

Now WebSphere encodes passwords within the secret.xml file by performing a XOR operation using the underscore to XOR against '_'. So I recreated a simple decoder have a look here: