RE: Cisco Catalyst 4006 CatOS Password Hash
From: Paul Bakker (bakker_at_fox-it.com)
Date: 12/11/03
Date: Thu, 11 Dec 2003 09:32:19 +0100 To: "Miles Stevenson" <miles@mstevenson.org>
Hi Miles..
Shouldn't the length of the hash be longer in case of this?
MD5 hashes are 16 bytes and SHA-1 hashes are 20 bytes...
These hashes only have 16 bytes after the last $ sign...
Paul
> -----Original message-----
> From: Miles Stevenson [mailto:miles@mstevenson.org]
> Sent: Wednesday 10 December 2003 18:23
> To: Paul Bakker
> CC: pen-test@securityfocus.com
> Subject: Re: Cisco Catalyst 4006 CatOS Password Hash
>
>
> Hi Paul.
>
> I believe $2$ is indicative of an SHA-1 hash, as opposed to MD5.
>
> -Miles
>
> On Wed, 2003-12-10 at 06:32, Paul Bakker wrote:
> > During a pentest/audit I received from the client the
> configurations for their Cisco Catalyst 4006 and their other
> Cisco IOS switches.
> >
> > The passwords in the Cisco IOS configuration file are in
> the known usual format of the FreeBSD MD5 hash...
> > Like $1$xxxx$xxxxxxxxxxxxxxxxxxx
> >
> > These are easily crackable/recognized by both John the
> Ripper and Cain&Abel.
> >
> > The passwords on the Catalyst are in the same format (for
> the eye), but instead of starting with $1$ they start with
> $2$..... Both John and Cain do not recognize these hashes.
> >
> > Can anybody shed some light on the hash function used to
> create these and any tools that can be used to audit the
> password strength of these passwords (Or how John or Cain can
> be used for this...)
> >
> > --
> > Paul Bakker
> >
> >
> --
> Miles Stevenson
> miles@mstevenson.org
>
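
Added example, not part of the original messages: the length check Paul raises, written as a small audit helper. It assumes the field after the last `$` uses the crypt(3) 64-character alphabet (6 bits per character) and that the "16" in his reply counts characters; both sample strings are constructed placeholders, not real hashes.

```python
import re

# crypt(3)-style alphabet has 64 symbols, so each character carries 6 bits.
CRYPT64 = re.compile(r"^[./0-9A-Za-z]+$")

# Raw digest sizes mentioned in the thread: MD5 = 16 bytes, SHA-1 = 20 bytes.
DIGEST_BITS = {"MD5": 128, "SHA-1": 160}


def inspect_hash(field):
    """Split a $id$salt$digest string and list the digests that could fit.

    A digest "fits" only if the encoded field has room for all of its bits.
    """
    parts = field.split("$")
    if len(parts) != 4 or parts[0] != "":
        raise ValueError("not in $id$salt$digest form")
    _, scheme, salt, digest = parts
    if not CRYPT64.match(digest):
        raise ValueError("digest field is not in the crypt 64-character alphabet")
    capacity = 6 * len(digest)
    fits = sorted(name for name, bits in DIGEST_BITS.items() if bits <= capacity)
    return {
        "scheme": scheme,
        "salt": salt,
        "digest_chars": len(digest),
        "capacity_bits": capacity,
        "fits": fits,
    }


# Constructed samples (placeholders, not taken from any device):
IOS_STYLE = "$1$abcd$" + "A" * 22       # md5crypt layout: 22-character digest field
CATOS_STYLE = "$2$abcd$" + "A" * 16     # 16 characters after the last $, as in the reply

if __name__ == "__main__":
    for sample in (IOS_STYLE, CATOS_STYLE):
        info = inspect_hash(sample)
        print(f"${info['scheme']}$: {info['digest_chars']} chars, "
              f"{info['capacity_bits']} bits, room for: {info['fits'] or 'neither'}")
```

Under these assumptions a 16-character field holds 96 bits, which is less than a full MD5 or SHA-1 output, so the stored value would have to be truncated or encoded differently.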