Home | Articles | About | Contact | Forum |
Tuesday, October 25, 2016

Lunarpages.com Web Hosting

Mailing List

By Joining the mailing list you will be notified of site updates.

Show Your Support For
This Site By Donating:

Audience: Self Learners - Experts
Last Updated: 7/16/04 3:47 PM
Original Creation Date: 7/16/04 3:47 PM
**All times are EST**

Cracking Cisco Passwords

By Erik Rodriguez

This article provides information on decrypting passwords stored in a Cisco router.

Hackers often attack routers because they are not monitored as closely as servers and can provided an enormous source of information. Cisco routers will store all passwords in the running configuration file. In order to get this password you must view the output from the routers running configuration using the command below:

antares#sh run
Building configuration...

Current configuration:
version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption
hostname antares
aaa new-model
enable secret 5 $1$1Pdr$rqEsfKmsdfeTtuRGK.5Oa0
enable password 7 071D7012641B480012
username weaponx password 7 03085E1F0B0A2842
ip subnet-zero
no ip routing
no ip domain-lookup
file prompt quiet
interface Ethernet0
 ip address
 no ip directed-broadcast
 ip nat outside
 no ip route-cache
 no ip mroute-cache
 no mop enabled
interface Ethernet1
 ip address
 no ip directed-broadcast
 ip nat inside
 no ip route-cache
 no ip mroute-cache
interface Serial0
 no ip address
 no ip directed-broadcast
 no ip route-cache
 no ip mroute-cache
interface Serial1
 no ip address
 no ip directed-broadcast
 no ip route-cache
 no ip mroute-cache
ip classless
ip route profile
banner motd ^C
This is a private Device!

Unathorized access is prohibited!
line con 0
 password 7 1205435B5D567B2E22
 transport input none
line aux 0
line vty 0 4
 password 7 1205435B5D567B2E22

Using a program called Cain and Abel, you can copy and paste the encrypted password shown in red, right into the cain decryption window. You can download Cain and Abel by clicking here. See the images below:

Using the second encryption value from the above configuration output (03085E1F0B0A2842), you can see the password is "letmein"

Juniper SRX anti-spam filtering config
Windows Server 2008 Clustering Configuration
Windows 2008 R2 Network Load Balancing (NLB)
Extreme Networks: Downloading new software image
Juniper SRX save config to USB drive
Juniper SRX logout sessions
Extreme Networks Syslog Configuration
Command line drive mapping
Neoscale vs. Decru
Data Security vs. Data Protection
Juniper SRX Cluster Configuration
HOWTO - Create VLAN on Extreme Switch
Using a Non-local Colocation Facility
Linux Server Administration
IT Chop Shops
Flow Viewers: SFLOW, NetFLOW, and JFLOW
Exchange 2007 Back Pressure
IPtables open port for specific IP
Politics in IT Departments
HOWTO - Block Dropbox
Cisco IOS Cheat Sheet
Subnet Cheat Sheet
Design a DMZ Network
How DNS works
Firewall Configuration
Juniper SSG Firewalls
Server Management
Configuring VLANs
Runlevels in Linux
Server Clustering
SONET Networks
The Red Hat Network
Server Colocation
Complicated Linux Servers
Dark Fiber
Data Center Network Design
Firewall Types
Colocation Bandwidth

Copyright © 2002-2016 Skullbox.Net All Rights Reserved.
A division of Orlando Tech Works, LLC
By using this site you agree to its Terms and Conditions.
Contact Erik Rodriguez