This is a tool to show that anyone who says you have to blow away your Open WebUI instance if you get locked out is full of it. It is also meant as a penetration testing tool: it lets you backdoor an Open WebUI instance to add your own account, create backdoor API keys, recover the configured plaintext LDAP credentials, and read the chats of every user.
To use this you essentially need root on the box, which is annoying but not unheard of. Once you have it, run the following commands:
find / -name '.webui_secret_key' 2>/dev/null
find / -name 'webui.db' 2>/dev/null
These commands do two things: locate the SQLite database that stores user info, and locate the WebUI secret key. The Open WebUI credentials are bcrypt-hashed at rest, so cracking them is not a practical route to application access in most cases. What you can get from the database is the user ID of each account. Why does that matter? The secret key is what signs the JWTs, so as long as you hold the secret key and the UUIDs of the user accounts, you can become whoever you want.
Then run opened_webui.py to request a token as any user on the device. The first user in the database is the default, but you can specify a user.
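Because those two files are the whole attack surface, the defensive counterpart is making sure they are not readable by anyone but the service account and that the signing secret is not a short guessable value. The following audit script is an added example, not part of this tool or of Open WebUI; the 32-character minimum and the demo fixture are my own assumptions.

```python
from __future__ import annotations
import os
import stat
import tempfile
from pathlib import Path

# Files the write-up above identifies as sufficient to mint session tokens.
SENSITIVE = {".webui_secret_key": "JWT signing secret", "webui.db": "SQLite user database"}
MIN_SECRET_LEN = 32  # assumption: anything shorter is worth rotating


def audit_file(path: Path) -> list[str]:
    """Return findings for one file; an empty list means nothing was flagged."""
    findings: list[str] = []
    if not path.is_file():
        return [f"{path}: missing or not a regular file (cannot audit)"]
    mode = stat.S_IMODE(path.stat().st_mode)
    # Any group/other bit lets a non-root local user read the file; expect 0600.
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"{path}: {SENSITIVE[path.name]} has mode {mode:04o}; expected 0600")
    if path.name == ".webui_secret_key":
        secret = path.read_text().strip()
        if len(secret) < MIN_SECRET_LEN:
            findings.append(f"{path}: secret is only {len(secret)} chars; rotate to a long random value")
    return findings


def audit_tree(root: Path) -> list[str]:
    """Walk root (e.g. the Open WebUI data directory) and audit every sensitive file found."""
    findings: list[str] = []
    for p in root.rglob("*"):
        if p.is_file() and p.name in SENSITIVE:
            findings.extend(audit_file(p))
    return findings


def demo() -> list[str]:
    """Constructed fixture: a world-readable, short secret and a correctly locked-down database."""
    root = Path(tempfile.mkdtemp(prefix="owui-audit-"))
    key = root / ".webui_secret_key"
    key.write_text("changeme\n")
    os.chmod(key, 0o644)  # flagged twice: permissions and length
    db = root / "data" / "webui.db"
    db.parent.mkdir()
    db.write_bytes(b"SQLite format 3\x00")  # constructed placeholder, not a real database
    os.chmod(db, 0o600)  # not flagged
    return audit_tree(root)


if __name__ == "__main__":
    for line in demo():
        print(line)
```

Rotating .webui_secret_key invalidates every token signed with the old value, forged or not, so it is the first thing to do after a suspected compromise of either file.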
Open-WebUI JWT Token Forger
options:
-h, --help show this help message and exit
--db-path DB_PATH, -d DB_PATH
Path to Open-WebUI's "webui.db" SQLite database file
--secret-key SECRET_KEY, -s SECRET_KEY
Secret key contained in .webui_secret_key file
--user-id USER_ID, -i USER_ID
Manually selected user within array of users pulled from database, array starts at 0
--url URL, -u URL URL of Open-WebUI web server
--port PORT, -p PORT Port number for running Open-WebUI service
--http-scheme {http,https}, -H {http,https}
Protocol in use for web server - choose between http and https
--api-calls {add_user,admin_config_get,admin_config_set,ldap_config,api_key_get,api_key_set,user_chats,all_get}
Select the API calls to make. Post requests with the exception of api_key_set will not be made by default as
configuration changes can be destructive. When running admin_config_set, a copy of the admin config will be
automatically retrieved and saved for backup and recovery.
Examples:
python3 opened_webui.py --db-path <path/to/webui.db>
python3 opened_webui.py --secret-key "<secret-key>"
python3 opened_webui.py --user-id <int>
This allows you to run any API commands you wish. Want GUI access as an admin? Just use 'add_user' and you're all set. Want to see those plaintext LDAP credentials? You better believe they are not obfuscated from web traffic inspection or API calls. Want to read every chat of any user? Specify the array index of the user you want to be, and snoop away. I've also built in the command to alter the system config for more nefarious purposes. I'd highly suggest being ready for potential impacts depending on what you do, but if you want to stealthily enable user webhooks for fun and profit, this is the way to do it.
I'll be building out more functionality as I mess around with the API to see what is of highest value, but I hope you enjoy it! Until then, all that's really being done after the token generation is a bunch of API calls (you can typically find the documentation at /docs on the server by running the dev environment, though openapi.json worked on some versions as well). So if you want to play around yourself, just use your new token to make whatever calls you wish.