Re: Cisco Catalyst 4006 CatOS Password Hash
From: Miles Stevenson (miles_at_mstevenson.org)
Date: 12/10/03
- Previous message: Jeff Adams: "RE: Inprotect software announcement."
- In reply to: Paul Bakker: "Cisco Catalyst 4006 CatOS Password Hash"
- Next in thread: miguel.dilaj_at_pharma.novartis.com: "Re: Cisco Catalyst 4006 CatOS Password Hash"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Paul Bakker <bakker@fox-it.com> Date: Wed, 10 Dec 2003 12:22:51 -0500
Hi Paul.
I believe $2$ is indicative of an SHA-1 hash, as opposed to MD5.
-Miles
On Wed, 2003-12-10 at 06:32, Paul Bakker wrote:
> During a pentest/audit I received from the client the configurations for their Cisco Catalyst 4006 and their other Cisco IOS switches.
>
> The passwords in the Cisco IOS configuration file are in in the known usual format of the FreeBSD MD5 hash...
> Like $1$xxxx$xxxxxxxxxxxxxxxxxxx
>
> These are easily crackable/recognized by both John the Ripper and Cain&Abel.
>
> The passwords on the Catalyst are in the same format (for the eye), but instead of starting with $1$ they start with $2$..... Both John and Cain do not recognize these hashes.
>
> Can anybody shed some light on the hash function used to create these and any tools that can be used to eudit the password strenght of these passwords (Or how John or Cain can be sed for this...)
>
> --
> Paul Bakker
>
> ---------------------------------------------------------------------------
> ----------------------------------------------------------------------------
-- Miles Stevenson miles@mstevenson.org
- application/pgp-signature attachment: This is a digitally signed message part
- Previous message: Jeff Adams: "RE: Inprotect software announcement."
- In reply to: Paul Bakker: "Cisco Catalyst 4006 CatOS Password Hash"
- Next in thread: miguel.dilaj_at_pharma.novartis.com: "Re: Cisco Catalyst 4006 CatOS Password Hash"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
