I always love learning cool new little features in the software I use. In this case, my coworker Ramsey came across a great Blog (http://blog.ioshints.info) on Cisco IOS and we picked up a new trick for decrypting Type 7 passwords.
Cisco IOS has always supported a few encryption mechanisms for local passwords on the device. The first is Type 7 which uses a reversible encryption, about as difficult as ROT13 to break. The second is Type 5, which uses an MD5 hash to make the password irreversible (it is vulnerable to dictionary attacks). I see Type 7 passwords used in cases where they are not required, more often than I would reasonably expect. To quickly and easily decrypt the password and demonstrate why it is such a bad idea I have found this cool little trick:
R1(config)#key chain decrypt
R1(config-keychain)#key 1
R1(config-keychain-key)#key-string 7 <encrypted string>
R1(config-keychain-key)#do show key chain decrypt
Another item people are often not aware of is Type 6 encryption. Type 6 encryption is reversible encryption like Type 7 but uses AES and supports a supplied salt. This allows for significantly better security on newer IOS versions that support it.
Comments
Has your IOS image been surreptitiously modified?
router#verify /md5 disk0:c7301-jk9s-mz.124-10.bin 0c5be63c4e339707efb7881fde7d5324
..........Done!
%Error verifying disk0:c7301-jk9s-mz.124-10.bin
Computed signature = ad9f9c902fa34b90de8365c3a5039a5b
Submitted signature = 0c5be63c4e339707efb7881fde7d5324
Post new comment