Cisco Catalyst 4006 CatOS Password Hash

From: Paul Bakker (bakker_at_fox-it.com)
Date: 12/10/03

Next message: MJohnst5_at_prdgb.JNJ.com: "RE: john the ripper"

Previous message: Byron Sonne: "Re: Education End Users about Passwords - Was - RE: john the ripper"
Next in thread: Miles Stevenson: "Re: Cisco Catalyst 4006 CatOS Password Hash"
Reply: Miles Stevenson: "Re: Cisco Catalyst 4006 CatOS Password Hash"
Maybe reply: miguel.dilaj_at_pharma.novartis.com: "Re: Cisco Catalyst 4006 CatOS Password Hash"
Reply: Joey Peloquin: "RE: Cisco Catalyst 4006 CatOS Password Hash"
Maybe reply: Paul Bakker: "RE: Cisco Catalyst 4006 CatOS Password Hash"
Maybe reply: Paul Bakker: "RE: Cisco Catalyst 4006 CatOS Password Hash"
Maybe reply: Paul Bakker: "RE: Cisco Catalyst 4006 CatOS Password Hash"
Reply: Frisbie: "Re: Cisco Catalyst 4006 CatOS Password Hash"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 10 Dec 2003 12:32:31 +0100
To: <pen-test@securityfocus.com>

During a pentest/audit I received from the client the configurations for their Cisco Catalyst 4006 and their other Cisco IOS switches.

The passwords in the Cisco IOS configuration file are in in the known usual format of the FreeBSD MD5 hash...
Like $1$xxxx$xxxxxxxxxxxxxxxxxxx

These are easily crackable/recognized by both John the Ripper and Cain&Abel.

The passwords on the Catalyst are in the same format (for the eye), but instead of starting with $1$ they start with $2$..... Both John and Cain do not recognize these hashes.

Can anybody shed some light on the hash function used to create these and any tools that can be used to eudit the password strenght of these passwords (Or how John or Cain can be sed for this...)

--
Paul Bakker
---------------------------------------------------------------------------
----------------------------------------------------------------------------

Next message: MJohnst5_at_prdgb.JNJ.com: "RE: john the ripper"

Previous message: Byron Sonne: "Re: Education End Users about Passwords - Was - RE: john the ripper"
Next in thread: Miles Stevenson: "Re: Cisco Catalyst 4006 CatOS Password Hash"
Reply: Miles Stevenson: "Re: Cisco Catalyst 4006 CatOS Password Hash"
Maybe reply: miguel.dilaj_at_pharma.novartis.com: "Re: Cisco Catalyst 4006 CatOS Password Hash"
Reply: Joey Peloquin: "RE: Cisco Catalyst 4006 CatOS Password Hash"
Maybe reply: Paul Bakker: "RE: Cisco Catalyst 4006 CatOS Password Hash"
Maybe reply: Paul Bakker: "RE: Cisco Catalyst 4006 CatOS Password Hash"
Maybe reply: Paul Bakker: "RE: Cisco Catalyst 4006 CatOS Password Hash"
Reply: Frisbie: "Re: Cisco Catalyst 4006 CatOS Password Hash"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

[Full-disclosure] Cisco Security Response: Cisco IOS and Cisco IOS XE Type 4 Passwords Issue
... Cisco IOS and Cisco IOS XE Type 4 Passwords Issue ... This is the Cisco response to research performed by Mr. Philipp ... Cisco IOS 15 code base include support for a new algorithm to hash ...
(Full-Disclosure)
Cisco Security Response: Cisco IOS and Cisco IOS XE Type 4 Passwords Issue
... Cisco IOS and Cisco IOS XE Type 4 Passwords Issue ... This is the Cisco response to research performed by Mr. Philipp ... Cisco IOS 15 code base include support for a new algorithm to hash ...
(Bugtraq)