Archive

Posts Tagged ‘passwords’

Deobfuscating Cisco Type 7 Passwords

October 17th, 2013 2 comments

It should be noted that many algorithms require the Cisco IOS to have access to the cleartext password.

The Vigenere algorithm is used to obfuscate the passwords (not really encrypt them as there is no encryption key) in order to prevent “shoulder surfing” from exposing passwords to someone who briefly looks at a running configuration.

500_lines80

If, however, someone gets hold of the configuration they can easily retrieve the passwords using the reverse translation of the Vigenere algorithm.

  • This can be done using various “type-7” password crackers or indeed within the IOS itself
  • Cisco IOS uses this level-7 encryption when the “service password-encryption” command is used. Here is a Perl Script which deobfuscates the Cisco Viginere password Read more…
Categories: CISCO, Security Tags:

Recovering Hidden PIX Pre-Shared Keys / Passwords

July 3rd, 2009 No comments

The latest Cisco TAC Newsletter had an interesting tip on recovering hidden pre-shared keys (which I’ve needed to do many times). So simple, it’s brilliant :) here’s the reprint: Read more…

Categories: CISCO, Security Tags: ,

Hacking APC Masterswitch Admin Password

July 3rd, 2009 No comments

Ever bought one of those APC Masterswitch PDU’s from eBay, then tried to login to the admin interface with the usual default “apc” / “apc” but found that the password had been changed?

Manuals:

APC9211

Userguide AP9606 WebSNMP Management SmartSlot Card

Installation AP9606 WebSNMP Management SmartSlot Card

The usual password recovery procedures (well documented) are quite tedious, requiring emails and serial numbers. What a pain!

  • If you use one in your home lab this vulnerability will help you if you happen to buy one from eBay with the password set.
  • If you use them on a production network – this could become an attack vector,  so replace them or upgrade!

Here’s how to hack the password: Read more…

Categories: Uncategorized Tags:

Decrypting Type 7 Passwords – within the IOS!

July 2nd, 2009 No comments

Decrypting Type 7 Password on Cisco Router

You know those type 7 (non-MD5) so-called “encryption”  strings that appear when service password-encryption is used?  A lot of people copy the string and go to websites (google cisco password cracker) and use a java applet or something to decrypt them.

However, you can actually do this on any cisco router.  This is how you do it. Read more…

Categories: CISCO, Security Tags: ,