Penetration Testing mailing list archives
AW: Penetrating a Cisco Catalyst with CatOS [resolved]
From: Marc.Werner () t-systems com
Date: Thu, 21 Jul 2005 07:34:29 +0200
Thank you very much, it works!!! Rgds Marc -----Ursprüngliche Nachricht----- Von: Luis Cerdas [mailto:luis.cerdas () rawten net] Gesendet: Mittwoch, 20. Juli 2005 21:53 An: Werner, Marc Cc: pen-test () securityfocus com Betreff: Re: Penetrating a Cisco Catalyst with CatOS Marc, checking over the list, it seems that this was discussed on December 2003; indeed it usually means blowfish encryption and according to Frisbie (http://www.securityfocus.com/archive/101/347334), you can change the $2$ to $1$ and attack it with John the ripper. I haven't tried it myself, but it might work. Regards, Luis Cerdas Partner & Director Rawten Latinoamerica, S.A. Mobile: +506 371 7000 Office: +506 224 0432 US Voicemail: +1 (866) 303 1154 On Jul 20, 2005, at 6:22 AM, Marc.Werner () t-systems com wrote:
Hi list, in my actual pen-test-project I was able to get a cisco-config by SNMP. The passwords are encrypted. Does anyone know the algorithm? The password hash starts with $2$, an "normal" IOShash starts with $1$. Is it probably blowfish? Thanks for your help in advance!!! Mit freundlichen Grüßen / Kind regards Marc Werner T-Systems International GmbH Research & Development Engineer Technology Center Engineering Networks, Products & Services Multi Access Solutions & AAA Technologies Sendefunkstelle Haus 5, 25335 Elmshorn Tel +49 4121 29198819 PC Fax +49 1805 3344902042 Fax +49 4121 29198899 Mobil +49 170 5637815 E-Mail: marc.werner () t-systems com Internet: http://www.t-systems.com
Current thread:
- AW: Penetrating a Cisco Catalyst with CatOS [resolved] Marc . Werner (Jul 21)