Penetration Testing mailing list archives
Re: cracking cisco passwords
From: Jim Duncan <jnduncan () cisco com>
Date: Mon, 15 Oct 2001 15:10:23 -0400
Jason Binger writes:
I am currently performing a penetration test and managed to pull down the config using a HTTP vulnerability in the cisco interface. How do I crack the following password gained from the following line of the config? enable secret 5 $1$6Je2$MurE4FTzoZjQShRW4Ui9H0 (the password has been changed)
Jason, Cisco IOS encrypts "mode 5" passwords using MD5, so in theory, they are not crackable. However, they _are_ subject to a dictionary attack, so the usual cautions apply, e.g., try to limit the disclosure of the encrypted text. Mode 7 passwords are encrypted using a modified Vignere cipher, and are _not_ considered strong; they are merely adequate for preventing casual discovery of the plaintext. Several tools for decrypting mode 7 passwords are available on The Net, including mudge's, which I use on my Palm Vx. :-) See http://www.cisco.com/warp/public/707/21.html#password for very basic info on password encryption in Cisco IOS. Jim == Jim Duncan, Product Security Incident Manager, Cisco Systems, Inc. <http://www.cisco.com/warp/public/707/sec_incident_response.shtml> E-mail: <jnduncan () cisco com> Phone(Direct/FAX): +1 919 392 6209 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- cracking cisco passwords Jason binger (Oct 15)
- Re: cracking cisco passwords Volker Tanger (Oct 15)
- Re: cracking cisco passwords Jason Witty, CISSP (Oct 15)
- Re: cracking cisco passwords Damiano Scrigni (Oct 15)
- Re: cracking cisco passwords Jim Duncan (Oct 15)
- Re: cracking cisco passwords Jim Duncan (Oct 15)
- <Possible follow-ups>
- RE: cracking cisco passwords Joshua Wright (Oct 15)
- RE: cracking cisco passwords woody weaver (Oct 16)