Thursday, April 14, 2011

Decrypt Cisco IOS password using a different router

There are plenty of tools available to crack the more insecure Cisco router passwords.  Here's a method documented on to do so using another available router:

Assume router1 configuration looks like:

router1#username test password 7 08351F1B1D431516475E1B54382F

Then, after losing or forgetting your password, on router2 you can do this:

router2(config)#service password-encryption

router2(config)#key chain decrypt
router2(config-keychain)#key 1
router2(config-keychain-key)#key-string 7 08351F1B1D431516475E1B54382F
router2(config-keychain-key)#do show key chain decrypt
Key-chain decrypt:
key 1 -- text "t35t:pa55w0rd"
accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]
Works well, and prevents you from having to surf some undesirable sites to find a cracker.

No comments:

Post a Comment