Thursday, April 14, 2011

Decrypt Cisco IOS password using a different router

There are plenty of tools available to crack the more insecure Cisco router passwords.  Here's a method documented on http://ioshints.info to do so using another available router:


Assume router1 configuration looks like:

router1#username test password 7 08351F1B1D431516475E1B54382F


Then, after losing or forgetting your password, on router2 you can do this:

router2(config)#service password-encryption

router2(config)#key chain decrypt
router2(config-keychain)#key 1
router2(config-keychain-key)#key-string 7 08351F1B1D431516475E1B54382F
router2(config-keychain-key)#do show key chain decrypt
Key-chain decrypt:
key 1 -- text "t35t:pa55w0rd"
accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]
 
Works well, and prevents you from having to surf some undesirable sites to find a cracker.

Wednesday, April 13, 2011

Cisco UCCX script checking for agents available before queue

A coworker asked for guidance in UCCX scripting.  After developing a time of day check and simple queueing mechanism, he realized he would need to check if there are agents available in a CSQ regardless of the time of day (snow emergency, company meeting, someone forgot to log out, etc.).

If no one is there to answer a queued call, the caller is routed to a particular DN.

The following is what I provided him as an example.

(The redacted areas in the script documents are just my name.)






Let me know if this helps ...