Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: cracking cisco passwords
From: Joshua Wright <Joshua.Wright () jwu edu>
Date: Mon, 15 Oct 2001 11:30:36 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Brute force with a dictionary attack would be your best option.  The
type 5 password is based on the MD5 hash algorithm.  You could create
a perl program with a CPAN module to calculate the hashes.

The $ in the MD5 hash separates the field into three parameters:

$1 - version 1 ?
$6Je2 - salt
$MurE4FTzoZjQShRW4Ui9H0 - base 64 encoded password hash

I suspect however, that if you have access to the router (switch?)
with the IOS HTTP vulnerability, you can simply change the password,
and reestablish the original password at a later time.

- -Joshua Wright
Team Leader, Networks and Systems
Johnson & Wales University
Joshua.Wright () jwu edu 

pgpkey: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD44B4A73
fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73





- -----Original Message-----
From: Jason binger [mailto:cisspstudy () yahoo com]
Sent: Sunday, October 14, 2001 9:49 PM
To: pen-test () securityfocus com
Subject: cracking cisco passwords


I am currently performing a penetration test and
managed to pull down the config using a HTTP
vulnerability in the cisco interface.

How do I crack the following password gained from the
following line of the config?

enable secret 5 $1$6Je2$MurE4FTzoZjQShRW4Ui9H0 

(the password has been changed)

Jason


__________________________________________________
Do You Yahoo!?
Make a great connection at Yahoo! Personals.
http://personals.yahoo.com

- ----------------------------------------------------------------------
- ------
This list is provided by the SecurityFocus Security Intelligence
Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities
please see:
https://alerts.securityfocus.com/

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBO8sBH4/i/ArUS0pzEQJp5wCg8EPHHwcT9XzEVEByEZoW48Dfe8cAnij3
w4+7vtBmmbegKDGiDnpYxGx+
=fh66
-----END PGP SIGNATURE-----

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault