{"id":8,"date":"2009-07-02T20:55:58","date_gmt":"2009-07-02T19:55:58","guid":{"rendered":"http:\/\/mccltd.net\/blog\/?p=8"},"modified":"2009-12-08T22:02:13","modified_gmt":"2009-12-08T22:02:13","slug":"8","status":"publish","type":"post","link":"http:\/\/darenmatthews.com\/blog\/?p=8","title":{"rendered":"Decrypting Type 7 Passwords &#8211; within the IOS!"},"content":{"rendered":"<p><strong>Decrypting Type 7 Password on Cisco Router<\/strong><strong><\/strong><\/p>\n<p>You know those type 7 (non-MD5) so-called &#8220;encryption&#8221;\u00a0 strings that appear when service password-encryption is used?\u00a0 A lot of people copy the string and go to websites (google cisco password cracker) and use a java applet or something to decrypt them.<\/p>\n<p>However, you can actually do this on any cisco router.\u00a0 This is how you do it.<!--more--> Try this little test:<\/p>\n<p>conf t<\/p>\n<p>enable password cisco<br \/>\nservice password-encryption<\/p>\n<p>show run | inc password<\/p>\n<p>enable password 7 070C285F4D06\u00a0 &lt;=== (encrypted string for &#8220;cisco&#8221;)<\/p>\n<p>Now, to decrypt it, set up a key chain (in this example named &#8220;daz&#8221; and copy the encrypted garble as the key-string<\/p>\n<p>conf t<br \/>\nkey chain daz<br \/>\nkey 1<br \/>\nkey-string 7 070C285F4D06<br \/>\nCtrl-Z<\/p>\n<p>now, to decrypt the string,<\/p>\n<p>cisco_877w#show key chain daz<br \/>\nKey-chain daz:<br \/>\nkey 1 &#8212; text &#8220;cisco&#8221;<br \/>\naccept lifetime (always valid) &#8211; (always valid) [valid now]<br \/>\nsend lifetime (always valid) &#8211; (always valid) [valid now]<\/p>\n<p>So showing the key chain will reveal the unencrypted string for &#8220;cisco&#8221;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Decrypting Type 7 Password on Cisco Router You know those type 7 (non-MD5) so-called &#8220;encryption&#8221;\u00a0 strings that appear when service password-encryption is used?\u00a0 A lot of people copy the string and go to websites (google cisco password cracker) and use a java applet or something to decrypt them. However, you can actually do this on [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[83,13],"tags":[3,8],"_links":{"self":[{"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/8"}],"collection":[{"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8"}],"version-history":[{"count":6,"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/8\/revisions"}],"predecessor-version":[{"id":313,"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/8\/revisions\/313"}],"wp:attachment":[{"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}