How to Decrypt SqlDeveloper connections passwords

To recover password we need two files named connections.xml & product-preferences.xml .
Above files can be available in below locations

On Windows :
%APPDATA%\SQL Developer\system*\o.jdeveloper.db.connection*\connections.xml
%APPDATA%\SQL Developer\system*\o.sqldeveloper*\product-preferences.xml

On Linux :

Get required data from connections.xml 
You can find encrypted password in connections.xml, which will looks like below tag

<Reference xmlns="" className="oracle.jdeveloper.db.adapter.DatabaseProvider" name="MyDev DB">
<Factory className="oracle.jdevimpl.db.adapter.DatabaseProviderFactory1212"/>
<StringRefAddr addrType="password">
Get System ID from product-preferences.xml
Search for "" from “product-preferences.xml” and you can find similar below
<value n="" v="e8a85bc1-414c-4f9e-8a48-9ac5a62382e2"/>


Java code to Decrypt
Use below code to Decrpt (Reference :

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;
import java.util.Base64;

public class Decrypt_V4 {

private static byte[] des_cbc_decrypt(
 byte[] encrypted_password,
 byte[] decryption_key,
 byte[] iv)
 throws GeneralSecurityException

Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
 cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(decryption_key, "DES"), new IvParameterSpec(iv));
 return cipher.doFinal(encrypted_password);

private static byte[] decrypt_v4(
 byte[] encrypted,
 byte[] db_system_id)
 throws GeneralSecurityException
byte[] encrypted_password = Base64.getDecoder().decode(encrypted);
byte[] salt = DatatypeConverter.parseHexBinary("051399429372e8ad");

// key = db_system_id + salt
 byte[] key = new byte[db_system_id.length + salt.length];
 System.arraycopy(db_system_id, 0, key, 0, db_system_id.length);
 System.arraycopy(salt, 0, key, db_system_id.length, salt.length); md ="MD5");
 for (int i=0; i<42; i++) {
 key = md.digest(key);

// secret_key = key [0..7]
 byte[] secret_key = new byte[8];
 System.arraycopy(key, 0, secret_key, 0, 8);

// iv = key [8..]
 byte[] iv = new byte[key.length - 8];
 System.arraycopy(key, 8, iv, 0, key.length - 8);

return des_cbc_decrypt(encrypted_password, secret_key, iv);

public static void main(String[] argv) { try {

byte[] encrypted = argv[0].getBytes();
 byte[] db_system_id = argv[1].getBytes();

byte[] x = decrypt_v4(encrypted, db_system_id);

String password = new String(x);

 catch (Exception e) {

Save above code as .

Compile using javac 

Usage : “java Decryp_V4 encryped_Password sysem_ID_value”

java Decrypt_V4 vnmPXCpxyhukK4TmQjrMng e8a85bc1-414c-4f9e-8a48-9ac5a62382e2
C:\Oracle>java Decrypt_V4 vnmPXCpxyhukK4TmQjrMng e8a85bc1-414c-4f9e-8a48-9ac5a62382e2


References :-


5 thoughts on “How to Decrypt SqlDeveloper connections passwords

  1. Getting below error
    javax.crypto.BadPaddingException: Given final block not properly padded


  2. I can not find product-preferences.xml in any places on system (UBUNTU 18.04 – SQL Developer Version, Build 095.1630). Any suggestions?


  3. SECRET=”$(cat $HOME/.sqldeveloper/system*/o.sqldeveloper/product-preferences.xml | grep | sed ‘s/.*v=”\([^”]*\).*/\1/’)”
    PASSWORDS=”$(cat $HOME/.sqldeveloper/system*/o.jdeveloper.db.connection/connections.xml | tr -d ‘\n’ | sed ‘s~~\n~g’ | grep password | sed ‘s/.*//’)”

    for x in $PASSWORDS; do java Decrypt_V4 $x $SECRET; done

    Liked by 1 person

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s