RE: Telnet password

Tue, 05 Sep 2000 14:49:03 -0700 

On Wed, 6 Sep 2000, Marshal Schoener wrote:

> Thank you :-)
> That is almost exactly what I am seeing.
> Only difference is the password is: 7 a9vyt3...
> 7 is in front...
> So, that means it is encrypted.
> If I want to change this, can I just go in and change it there, or 
> is there something else I have to do first?

You can simply change it

conf t
line vty 0 4
password WORD

if you have service password-encryption enabled, then when you show run it
will be encrypted.  When changing it, don't include the "7" ahead of the 
password, or the router will assume you're entering the encrypted string.  

Likewise, don't use a password that starts with "7" (or "5").

The encryption is rather weak on all but the enable secret, btw.  

--- cut here ---
#!/usr/local/bin/perl -w
# $Id: ios7decrypt.pl,v 1.1 1998/01/11 21:31:12 mesrik Exp $
#
# Credits for orginal code and description [EMAIL PROTECTED],
# SPHiXe, .mudge et al. and for John Bashinski <[EMAIL PROTECTED]>
# for Cisco IOS password encryption facts.
#
# Use for any malice or illegal purposes strictly prohibited!
#
 
@xlat = ( 0x64, 0x73, 0x66, 0x64, 0x3b, 0x6b, 0x66, 0x6f, 0x41,
          0x2c, 0x2e, 0x69, 0x79, 0x65, 0x77, 0x72, 0x6b, 0x6c,
          0x64, 0x4a, 0x4b, 0x44, 0x48, 0x53 , 0x55, 0x42 );

while (<>) {
        if (/(password|md5)\s+7\s+([\da-f]+)/io) {
            if (!(length($2) & 1)) {
                $ep = $2; $dp = "";
                ($s, $e) = ($2 =~ /^(..)(.+)/o);
                for ($i = 0; $i < length($e); $i+=2) {
                    $dp .= sprintf "%c",hex(substr($e,$i,2))^$xlat[$s++];
                }
                s/7\s+$ep/$dp/;
            }
        }    
        print;
}
# eof
--- cut here ---

If you don't have a perl interpreter, e-mail me the string starting
with "password 7" and I'll let you know the plaintext.

-- 
Jay Hennigan  -  Network Administration  -  [EMAIL PROTECTED] 
NetLojix Communications, Inc.  NASDAQ: NETX  -  http://www.netlojix.com/
WestNet:  Connecting you to the planet.  805 884-6323 


___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to