BEA/Oracle WebLogic application server being an enterprise-ready piece of software treats security seriously. One of the symptoms of that is the fact that all sensitive pieces of information like logins, passwords etc. are kept in encrypted form. While browsing through config.xml or boot.properties files you can easily spot them since they are usually prefixed with ‘{3DES}’ string which obviously suggests the encryption algorithm used.
The interesting thing is that with a little bit of efford it’s actually quite easy to extract the decrypted values from config files by using a few undocumented APIs buried in WebLogic itself. Below you will find a simple tool that will output a content of either .xml or .properties configuration file provided as input, replacing all encrypted values with their original content. It works with WebLogic 10 but can be easily adapted for versions 8 and 9 as well (domain directory structure is slightly different between these versions). I wrote it some time ago in order to be able to easily retrieve logins and passwords of development domains that I kept forgetting too often. 
Obviously there are many other uses, like configuration management, application server migration tools etc.
