How to decrypt Jenkins 8mha values
If we look at the Jenkins work logs, we can see that the text contained here is exactly the same as what is displayed in the browser when you view the EXCEPT console output for the url that something is encoded in the log files with the tag [8mha:
Does anyone know how we can "decrypt" it?
Already tried simple base64 but it doesn't work.
This is one of these lines
[8mha:AAAAqR+LCAAAAAAAAP9b85aBtbiIQSajNKU4P08vOT+vOD8nVc+jsiC1KCczL9svvyTVzHb1RttJBUeZGJg8GdhyUvPSSzJ8GJhLi3JKGIR8shLLEvVzEvPS9YNLijLz0q0rihik0IxzhtAgwxgggJGJgaGiAMiQL2HQ0c/KT9J3zkhNzs4vLVE1MtAFYpfEkkQg5ZuYl5ieWgRkBbgF65sa6QMAtVXQDbEAAAA=[0m
source to share
This line is an ansi- / color encoded input log file. To view the plain text version you can use https://github.com/mmalecki/ansispan . So the given line
[8mha:AAAAaB+LCAAAAAAAAP9b85aBtbiIwTG/KF0vKzUvOzOvODlTryCnNB3I0ivPL8pOy8kv18vKT9JLzs8rzs9J1QuHCgaV5jlDhPzyS1IZIICRiYGhoohBKqM0pTg/D64Hh8ICAFt0h+h/AAAA[0m[Pipeline] { (prepare)
[8mha:AAAAaB+LCAAAAAAAAP9b85aBtbiIwTG/KF0vKzUvOzOvODlTryCnNB3I0ivPL8pOy8kv18vKT9JLzs8rzs9J1QuHCgaV5jlDhPzyS1IZIICRiYGhoohBKqM0pTg/D64Hh8ICAFt0h+h/AAAA[0m[Pipeline] }
[8mha:AAAAaB+LCAAAAAAAAP9b85aBtbiIwTG/KF0vKzUvOzOvODlTryCnNB3I0ivPL8pOy8kv18vKT9JLzs8rzs9J1QuHCgaV5jlDhPzyS1IZIICRiYGhoohBKqM0pTg/D64Hh8ICAFt0h+h/AAAA[0m[Pipeline] // stage
[8mha:AAAAaB+LCAAAAAAAAP9b85aBtbiIwTG/KF0vKzUvOzOvODlTryCnNB3I0ivPL8pOy8kv18vKT9JLzs8rzs9J1QuHCgaV5jlDhPzyS1IZIICRiYGhoohBKqM0pTg/D64Hh8ICAFt0h+h/AAAA[0m[Pipeline] stage
[8mha:AAAAaB+LCAAAAAAAAP9b85aBtbiIwTG/KF0vKzUvOzOvODlTryCnNB3I0ivPL8pOy8kv18vKT9JLzs8rzs9J1QuHCgaV5jlDhPzyS1IZIICRiYGhoohBKqM0pTg/D64Hh8ICAFt0h+h/AAAA[0m[Pipeline] { (deployApplication)
[8mha:AAAAaB+LCAAAAAAAAP9b85aBtbiIwTG/KF0vKzUvOzOvODlTryCnNB3I0ivPL8pOy8kv18vKT9JLzs8rzs9J1QuHCgaV5jlDhPzyS1IZIICRiYGhoohBKqM0pTg/D64Hh8ICAFt0h+h/AAAA[0m[Pipeline] }
[8mha:AAAAaB+LCAAAAAAAAP9b85aBtbiIwTG/KF0vKzUvOzOvODlTryCnNB3I0ivPL8pOy8kv18vKT9JLzs8rzs9J1QuHCgaV5jlDhPzyS1IZIICRiYGhoohBKqM0pTg/D64Hh8ICAFt0h+h/AAAA[0m[Pipeline] // stage
will lead to
[Pipeline] { (prepare)
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (deployApplication)
[Pipeline] }
[Pipeline] // stage
source to share
https://github.com/LarrysGIT/Extract-Jenkins-Raw-Log/blob/master/README.md
The short answer is here,
It is not encrypted, it is still a BASE64 string,
Example,
Created by [8mha: //// 4H + + H6gi RzqRXgbuxDkiDNvJYq3pMCu17 + YXxGOB + mHbAAAAlx + LCAAAAAAAAP9b85aBtbiIQTGjNKU4P08vOT + vOD8nVc83PyU1x6OyILUoJzMv2y + / JJUBAhiZGBgqihhk0NSjKDWzXb3RdlLBUSYGJk8GtpzUvPSSDB8G5tKinBIGIZ + sxLJE / ZzEvHT94JKizLx0a6BxUmjGOUNodHsLgAzWEgZu / dLi1CL9xJTczDwAj6GcLcAAAAA = [0madmin
Can be divided into the following parts,
A string
: created by user
Preamber
: \ u001B [8 million hectares:
Base64 string
: //// 4H + + + H6gi RzqRXgbuxDkiDNvJYq3pMCu17 YXxGOB mHbAAAAlx + + + LCAAAAAAAAP9b85aBtbiIQTGjNKU4P08vOT vOD8nVc83PyU1x6OyILUoJzMv2y + / + JJUBAhiZGBgqihhk0NSjKDWzXb3RdlLBUSYGJk8GtpzUvPSSDB8G5tKinBIGIZ sxLJE / ZzEvHT94JKizLx0a6BxUmjGOUNodHsLgAzWEgZu / dLi1CL9xJTczDwAj6GcLcAAAAA =
Postamber
: \ u001B [0 m
A string
: admin
Convert the base64 string to bytes, strip the first bytes 40
( https://github.com/LarrysGIT/Extract-Jenkins-Raw-Log/issues/1 ) and save as file .gz
. Now you can extract the real content from the file .gz
.
In this case, the content is of type Java serialization data, version 5
following
¬à sr! Hudson.console.ModelHyperlinkNote xr hudson.console.HyperlinkNote6 = "± = pà i lengthL urlt Ljava / lang / String; xr hudson.console.ConsoleNote xp t / User / Admin
source to share