Re: Cisco Catalyst 4006 CatOS Password Hash

miguel.dilaj_at_pharma.novartis.com
Date: 12/10/03

  • Next message: Joey Peloquin: "RE: Cisco Catalyst 4006 CatOS Password Hash" 
    To: "Paul Bakker" <bakker@fox-it.com>
Date: Wed, 10 Dec 2003 17:16:50 +0000

    Hi Paul,

    As far as I remember, those $2 should correspond to BlowFish.
    Anyway, it's the first time I see that on Cisco devices, but that's not my
    specific field of expertise.
    John can crack BlowFish (again: AFAIR), so if they're not recognized
    perhaps something is different.
    Can you post an example hash? (One for which you know the password).
    Cheers,

    Miguel

    "Paul Bakker" <bakker@fox-it.com>
    10/12/2003 11:32

     
            To: <pen-test@securityfocus.com>
            cc:
            Subject: Cisco Catalyst 4006 CatOS Password Hash

    During a pentest/audit I received from the client the configurations for
    their Cisco Catalyst 4006 and their other Cisco IOS switches.

    The passwords in the Cisco IOS configuration file are in in the known
    usual format of the FreeBSD MD5 hash...
    Like $1$xxxx$xxxxxxxxxxxxxxxxxxx

    These are easily crackable/recognized by both John the Ripper and
    Cain&Abel.

    The passwords on the Catalyst are in the same format (for the eye), but
    instead of starting with $1$ they start with $2$..... Both John and Cain
    do not recognize these hashes.

    Can anybody shed some light on the hash function used to create these and
    any tools that can be used to eudit the password strenght of these
    passwords (Or how John or Cain can be sed for this...) 

    --
Paul Bakker
---------------------------------------------------------------------------
----------------------------------------------------------------------------
  • Next message: Joey Peloquin: "RE: Cisco Catalyst 4006 CatOS Password Hash"

    Relevant Pages