Introduction
Cisco device are commonly used in the technological organizations and now even in homes at present. password encryptions is not readily provide with the Cisco devices it is configured by the owner or users of the devices to enhance the security and for hiding the important information related or present on the device, if it is required to read the passwords then one can read it in text configuration file available.
Decrypting Cisco passwords
If you find that password are encrypted on the Cisco device then there is no need to get puzzled because usually Cisco password encryption is done by using the weak encryption algorithm that can be easily decrypting by using the exact source of decryption. this password s are known as the type from all seven types of Cisco passwords .if you can open the configuration file then there is no need for decrypting the password you can simple read out from there .if you cant access that fie the you can simply decrypt by the following method.
Service password Encryption
Following command can be used for service password decryption.
Cisco (config)#service password-encryption
Most often many of the network administrators saves their ISO configuration files on the Trivial FTP serves which make sit easier for them to utilize and updated the files anytime. You can also file fro every Cisco device in connection at the network all the time.
Encryption method Analyzing
For effectively decrypting the password you must know a little bit about the algorithm used for the encryption of the Cisco passwords .the most commonly used security method for IOS passwords are type specific for instance
- Type 5 uses MD5 encryption technique for hiding the password.
- Type 7 Cisco passwords are encrypted by using the weak proprietary algorithms.
It’s quite easy to recognize what type of password is encrypted by which technique for knowing this simply see the information which is provided at the end of the password. Its type seven is written in the end it means that password must be using weak algo for encryption purposes the password syntax appear some thing like this enable password 7 03003E2E05077C4F4007
Decrypting passwords
There are many algorithm and decryption techniques that are available for un hiding the Cisco password more specifically of type 7 . Below is the small piece f code known as PERL to decrypt the passwords of type 7.
#!/usr/bin/perl -w
# $Id: ios7decrypt.pl,v 1.1 1998/01/11 21:31:12 mesrik Exp $
#
# Credits for original code and description hobbit@avian.org,
# SPHiXe, .mudge et al. and for John Bashinski
# for Cisco IOS password encryption facts.
#
#this code can be used for the illegal purposes so its totally prohibited to use this piece for malicious spreads.
#@xlat = ( 0x64, 0x73, 0x66, 0x64, 0x3b, 0x6b, 0x66, 0x6f, 0x41,
0x2c, 0x2e, 0x69, 0x79, 0x65, 0x77, 0x72, 0x6b, 0x6c,
0x64, 0x4a, 0x4b, 0x44, 0x48, 0x53 , 0x55, 0x42 );
while (<>) {
if (/(password|md5)s+7s+([da-f]+)/io) {
if (!(length($2) & 1)) {
$ep = $2; $dp = “”;
($s, $e) = ($2 =~ /^(..)(.+)/o);
for ($i = 0; $i < length($e); $i+=2) {
$dp .= sprintf “%c”,hex(substr($e,$i,2))^$xlat[$s++];
}
s/7s+$ep/$dp/;
}
}
print;
Type 5 Cisco passwords
Type 5 passwords can also be decrypted they typically use the hashing technique for encrypting with the help of MD5 which abbreviated for message digest version 5.this technique is much safer then the Cisco Proprietary weak algorithms and provide a little higher safety to the passwords. These passwords can be decrypted by using the enable password command. Or by extracting the password from configuration file.