Re: SH RUN reveals encrypted password
ftp://artoo.net/pub/bin/windows/32bit/password/ GetPass!.exe is my favorite and very useful for clueless customers who misplace passwords/lose staff but don't want to have to crack a large number of routers. -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ Cisco resources: http://r2cisco.artoo.net/ "adam lee" [EMAIL PROTECTED] wrote in message 000201c089a8$be502b90$075901c0@meanboy4">news:000201c089a8$be502b90$075901c0@meanboy4... How readily available are these decryptors? I heard of them but I do not know anyone with one. ""Hans Stout"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello colleagues, do you know if there is a way to make the line 'enable secret 5 $1$vwIl$YEZxTVGPapUUVCD.c54Ya' invisible when doing a 'sh run' in user mode ? The problem is that I want to allow RO access and also allow to execute the 'sh run' command, but that with a password decryptor, one could eaily decrypt the enable password. Thanks for your help in advance. Regards, Hans _ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SH RUN reveals encrypted password
The problem is that if you do not have access to show the running config, it is ommited completely from the show tech-support. At least when I tried it. -- Kevin "Avran" [EMAIL PROTECTED] wrote in message 9535uc$tst$[EMAIL PROTECTED]">news:9535uc$tst$[EMAIL PROTECTED]... I suggest that you setup password level between 2 and 14 and define them. For example just let the user use only "show tech-support " which will hide all config that is deemed secure. Just try the command and see. In fact CISCO engineers suggest that you use 8 or more characters and include underscore in your secret. This cannot be cracked easily with software such as Loft etc. Hope this helps. Avran === "Hans Stout" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello colleagues, do you know if there is a way to make the line 'enable secret 5 $1$vwIl$YEZxTVGPapUUVCD.c54Ya' invisible when doing a 'sh run' in user mode ? The problem is that I want to allow RO access and also allow to execute the 'sh run' command, but that with a password decryptor, one could eaily decrypt the enable password. Thanks for your help in advance. Regards, Hans _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: SH RUN reveals encrypted password
try the link below. I stumbled on it by mistake and haven't tried it myself. Also have a look at the config viewer http://solarwinds.net/Tools/Cisco_Networking/Password_Decryptor/index.htm adam lee [EMAIL PROTECTED] on 01/29/2001 05:05:38 AM Please respond to adam lee [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc:(bcc: Larry Ogun-Banjo/EN/Kpn-Orange) Subject: RE: SH RUN reveals encrypted password How readily available are these decryptors? I heard of them but I do not know anyone with one. ""Hans Stout"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello colleagues, do you know if there is a way to make the line 'enable secret 5 $1$vwIl$YEZxTVGPapUUVCD.c54Ya' invisible when doing a 'sh run' in user mode ? The problem is that I want to allow RO access and also allow to execute the 'sh run' command, but that with a password decryptor, one could eaily decrypt the enable password. Thanks for your help in advance. Regards, Hans _ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: SH RUN reveals encrypted password
The link will for level 7 passwords, not level 5. --- Larry Ogun-Banjo [EMAIL PROTECTED] wrote: try the link below. I stumbled on it by mistake and haven't tried it myself. Also have a look at the config viewer http://solarwinds.net/Tools/Cisco_Networking/Password_Decryptor/index.htm adam lee [EMAIL PROTECTED] on 01/29/2001 05:05:38 AM Please respond to adam lee [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc:(bcc: Larry Ogun-Banjo/EN/Kpn-Orange) Subject: RE: SH RUN reveals encrypted password How readily available are these decryptors? I heard of them but I do not know anyone with one. ""Hans Stout"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello colleagues, do you know if there is a way to make the line 'enable secret 5 $1$vwIl$YEZxTVGPapUUVCD.c54Ya' invisible when doing a 'sh run' in user mode ? The problem is that I want to allow RO access and also allow to execute the 'sh run' command, but that with a password decryptor, one could eaily decrypt the enable password. Thanks for your help in advance. Regards, Hans _ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] = = = = = = = = = = = = = = = = = = = Please send replys to: [EMAIL PROTECTED] = = = = = = = = = = = = = = = = = = __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices. http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
SH RUN reveals encrypted password
Hello colleagues, do you know if there is a way to make the line 'enable secret 5 $1$vwIl$YEZxTVGPapUUVCD.c54Ya' invisible when doing a 'sh run' in user mode ? The problem is that I want to allow RO access and also allow to execute the 'sh run' command, but that with a password decryptor, one could eaily decrypt the enable password. Thanks for your help in advance. Regards, Hans _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SH RUN reveals encrypted password
Has anybody actually managed to decrypt an enable password yet? I know the level 7 passwords are easily decrypted, but I've not seen the level 5 passwords decrypted yet. I realise, that depending on your organisation, you can never play too safe. I should think if anyone has cracked it, someone in this group will know about it - Anybody? Is it possible to crack it? Gareth ""Hans Stout"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello colleagues, do you know if there is a way to make the line 'enable secret 5 $1$vwIl$YEZxTVGPapUUVCD.c54Ya' invisible when doing a 'sh run' in user mode ? The problem is that I want to allow RO access and also allow to execute the 'sh run' command, but that with a password decryptor, one could eaily decrypt the enable password. Thanks for your help in advance. Regards, Hans _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SH RUN reveals encrypted password
Hi The "enable secret", and that you see it on the config, is only a MD-5 hash of the original password. In other words, the router does not stores the password in the config, it only stores a "signature" of it. So, there is no way of "decrypt" it, as it is NOT encrypted (a hash function is not encryption). Of course that it is not 100% secure, you can try find another text that can produce the same exact signature, but using brut force, requires about 2power64 computations. Or maybe using one of the new mathematical vulnerabilities of md-5 could be easier. I donĀ“t know how close they are to break it, but md5 is still secure for usual comercial applications (I am not cryptographer :-) That is VERY different of type 5, as they are very simple encrypted (a XOR, plus a rotation I believe) If u want more info on md5 and other cryptographic topics, check www.counterpane.com Regards Gareth Hinton wrote: Has anybody actually managed to decrypt an enable password yet? I know the level 7 passwords are easily decrypted, but I've not seen the level 5 passwords decrypted yet. I realise, that depending on your organisation, you can never play too safe. I should think if anyone has cracked it, someone in this group will know about it - Anybody? Is it possible to crack it? Gareth ""Hans Stout"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello colleagues, do you know if there is a way to make the line 'enable secret 5 $1$vwIl$YEZxTVGPapUUVCD.c54Ya' invisible when doing a 'sh run' in user mode ? The problem is that I want to allow RO access and also allow to execute the 'sh run' command, but that with a password decryptor, one could eaily decrypt the enable password. Thanks for your help in advance. Regards, Hans _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] -- --- Javier Contreras Albesa Professional Trainer PRO IN Training S.L. PROfessional Information Networks World Trade Center, Moll de Barcelona S/N Edif Sur, Planta 4 Phone: (+34) 93-5088850 E-mail: [EMAIL PROTECTED] Fax: (+34) 93-5088860 Internet: http://www.proin.com SHAPING THE FUTURE - BE PART OF IT! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SH RUN reveals encrypted password
Hi, Correct me if I'm wrong but don't you need the enable password to perform a "show run". If you do then why decrypt it. router#service password encryption encrypts it to a level 7. Teunis, Hobart, Tasmania Australia On Sunday, January 28, 2001 at 09:37:36 AM, Gareth Hinton wrote: Has anybody actually managed to decrypt an enable password yet? I know the level 7 passwords are easily decrypted, but I've not seen the level 5 passwords decrypted yet. I realise, that depending on your organisation, you can never play too safe. I should think if anyone has cracked it, someone in this group will know about it - Anybody? Is it possible to crack it? Gareth ""Hans Stout"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello colleagues, do you know if there is a way to make the line 'enable secret 5 $1$vwIl$YEZxTVGPapUUVCD.c54Ya' invisible when doing a 'sh run' in user mode ? The problem is that I want to allow RO access and also allow to execute the 'sh run' command, but that with a password decryptor, one could eaily decrypt the enable password. Thanks for your help in advance. Regards, Hans _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SH RUN reveals encrypted password
Hi, Sorry, I'm wrong, I didn't read the question. (I guess that is someting I need to fix before exams) Enable Secret maybe better. Teunis Hobart, Tasmania Australia On Monday, January 29, 2001 at 08:11:13 AM, Tony van Ree wrote: Hi, Correct me if I'm wrong but don't you need the enable password to perform a "show run". If you do then why decrypt it. router#service password encryption encrypts it to a level 7. Teunis, Hobart, Tasmania Australia On Sunday, January 28, 2001 at 09:37:36 AM, Gareth Hinton wrote: Has anybody actually managed to decrypt an enable password yet? I know the level 7 passwords are easily decrypted, but I've not seen the level 5 passwords decrypted yet. I realise, that depending on your organisation, you can never play too safe. I should think if anyone has cracked it, someone in this group will know about it - Anybody? Is it possible to crack it? Gareth ""Hans Stout"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello colleagues, do you know if there is a way to make the line 'enable secret 5 $1$vwIl$YEZxTVGPapUUVCD.c54Ya' invisible when doing a 'sh run' in user mode ? The problem is that I want to allow RO access and also allow to execute the 'sh run' command, but that with a password decryptor, one could eaily decrypt the enable password. Thanks for your help in advance. Regards, Hans _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SH RUN reveals encrypted password
Then stand corrected.. you must be in the privileged mode to execute "show run". CR357136-Csh run ^ % Invalid input detected at '^' marker. (the caret should be under the r) To get to the privileged mode you must invoke the "enable password" (unless you're using autocommand or tacacs+ that does something automatically for you) Also I guess you could lower the sh run command from priv 15 to priv 1 but I don't think you'd want to do that. Kevin Wigle - Original Message - From: "Tony van Ree" [EMAIL PROTECTED] To: "Gareth Hinton" [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Sunday, 28 January, 2001 16:11 Subject: Re: SH RUN reveals encrypted password Hi, Correct me if I'm wrong but don't you need the enable password to perform a "show run". If you do then why decrypt it. router#service password encryption encrypts it to a level 7. Teunis, Hobart, Tasmania Australia On Sunday, January 28, 2001 at 09:37:36 AM, Gareth Hinton wrote: Has anybody actually managed to decrypt an enable password yet? I know the level 7 passwords are easily decrypted, but I've not seen the level 5 passwords decrypted yet. I realise, that depending on your organisation, you can never play too safe. I should think if anyone has cracked it, someone in this group will know about it - Anybody? Is it possible to crack it? Gareth ""Hans Stout"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello colleagues, do you know if there is a way to make the line 'enable secret 5 $1$vwIl$YEZxTVGPapUUVCD.c54Ya' invisible when doing a 'sh run' in user mode ? The problem is that I want to allow RO access and also allow to execute the 'sh run' command, but that with a password decryptor, one could eaily decrypt the enable password. Thanks for your help in advance. Regards, Hans _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SH RUN reveals encrypted password
Guys, I think we're on the right track now. Of course, you don't have to lower the priv level of the command to 1, instead put it at, say, 14. Then make sure those users you want to have this access are given a privilege level of 14. This can be done either locally or at the TACACS+ server. Locally, assign a user as: username johnchambers password ciscoceo privilege 14 Set the "show running-config" command to be at level 14 like this: privilege exec level 14 show running-config privilege exec level 1 show (I think the second one is necessary, because if you don't use it, then you get as an "added bonus" the line "privilege exec level 14 show", which disables all show commands from any priv level under 14. - Please correct me if I'm wrong) Does anyone know how to get these commands out of your config without reloading? Prepending a "no" just reverts the command back to default, but it still displays in the config. Look in your documentation as to how to do this on your TACACS+ server Also, as a bit of a side note, if you give a user level 15 access, when they log in, they immediately get an enable prompt. Matthew Sypherd [EMAIL PROTECTED] CCNP+Security CCDP CCSE MCSE CCIE-R/S-Written (June 15-16 RTP) "Kevin Wigle" [EMAIL PROTECTED]@groupstudy.com 01/28/2001 03:42 PM Please respond to "Kevin Wigle" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "Tony van Ree" [EMAIL PROTECTED], "Gareth Hinton" [EMAIL PROTECTED], [EMAIL PROTECTED] cc: Subject: Re: SH RUN reveals encrypted password Then stand corrected.. you must be in the privileged mode to execute "show run". CR357136-Csh run ^ % Invalid input detected at '^' marker. (the caret should be under the r) To get to the privileged mode you must invoke the "enable password" (unless you're using autocommand or tacacs+ that does something automatically for you) Also I guess you could lower the sh run command from priv 15 to priv 1 but I don't think you'd want to do that. Kevin Wigle - Original Message - From: "Tony van Ree" [EMAIL PROTECTED] To: "Gareth Hinton" [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Sunday, 28 January, 2001 16:11 Subject: Re: SH RUN reveals encrypted password Hi, Correct me if I'm wrong but don't you need the enable password to perform a "show run". If you do then why decrypt it. router#service password encryption encrypts it to a level 7. Teunis, Hobart, Tasmania Australia On Sunday, January 28, 2001 at 09:37:36 AM, Gareth Hinton wrote: Has anybody actually managed to decrypt an enable password yet? I know the level 7 passwords are easily decrypted, but I've not seen the level 5 passwords decrypted yet. I realise, that depending on your organisation, you can never play too safe. I should think if anyone has cracked it, someone in this group will know about it - Anybody? Is it possible to crack it? Gareth ""Hans Stout"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello colleagues, do you know if there is a way to make the line 'enable secret 5 $1$vwIl$YEZxTVGPapUUVCD.c54Ya' invisible when doing a 'sh run' in user mode ? The problem is that I want to allow RO access and also allow to execute the 'sh run' command, but that with a password decryptor, one could eaily decrypt the enable password. Thanks for your help in advance. Regards, Hans _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: SH RUN reveals encrypted password
How readily available are these decryptors? I heard of them but I do not know anyone with one. ""Hans Stout"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello colleagues, do you know if there is a way to make the line 'enable secret 5 $1$vwIl$YEZxTVGPapUUVCD.c54Ya' invisible when doing a 'sh run' in user mode ? The problem is that I want to allow RO access and also allow to execute the 'sh run' command, but that with a password decryptor, one could eaily decrypt the enable password. Thanks for your help in advance. Regards, Hans _ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SH RUN reveals encrypted password
I suggest that you setup password level between 2 and 14 and define them. For example just let the user use only "show tech-support " which will hide all config that is deemed secure. Just try the command and see. In fact CISCO engineers suggest that you use 8 or more characters and include underscore in your secret. This cannot be cracked easily with software such as Loft etc. Hope this helps. Avran === "Hans Stout" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello colleagues, do you know if there is a way to make the line 'enable secret 5 $1$vwIl$YEZxTVGPapUUVCD.c54Ya' invisible when doing a 'sh run' in user mode ? The problem is that I want to allow RO access and also allow to execute the 'sh run' command, but that with a password decryptor, one could eaily decrypt the enable password. Thanks for your help in advance. Regards, Hans _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
