OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Joshua Wright (Joshua.Wrightjwu.edu)
Date: Mon Oct 15 2001 - 10:30:36 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Brute force with a dictionary attack would be your best option. The
    type 5 password is based on the MD5 hash algorithm. You could create
    a perl program with a CPAN module to calculate the hashes.

    The $ in the MD5 hash separates the field into three parameters:

    $1 - version 1 ?
    $6Je2 - salt
    $MurE4FTzoZjQShRW4Ui9H0 - base 64 encoded password hash

    I suspect however, that if you have access to the router (switch?)
    with the IOS HTTP vulnerability, you can simply change the password,
    and reestablish the original password at a later time.

    - -Joshua Wright
    Team Leader, Networks and Systems
    Johnson & Wales University
    Joshua.Wrightjwu.edu

    pgpkey: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD44B4A73
    fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73

    - -----Original Message-----
    From: Jason binger [mailto:cisspstudyyahoo.com]
    Sent: Sunday, October 14, 2001 9:49 PM
    To: pen-testsecurityfocus.com
    Subject: cracking cisco passwords

    I am currently performing a penetration test and
    managed to pull down the config using a HTTP
    vulnerability in the cisco interface.

    How do I crack the following password gained from the
    following line of the config?

    enable secret 5 $1$6Je2$MurE4FTzoZjQShRW4Ui9H0

    (the password has been changed)

    Jason

    __________________________________________________
    Do You Yahoo!?
    Make a great connection at Yahoo! Personals.
    http://personals.yahoo.com

    - ----------------------------------------------------------------------
    - ------
    This list is provided by the SecurityFocus Security Intelligence
    Alert (SIA)
    Service. For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities
    please see:
    https://alerts.securityfocus.com/

    -----BEGIN PGP SIGNATURE-----
    Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

    iQA/AwUBO8sBH4/i/ArUS0pzEQJp5wCg8EPHHwcT9XzEVEByEZoW48Dfe8cAnij3
    w4+7vtBmmbegKDGiDnpYxGx+
    =fh66
    -----END PGP SIGNATURE-----

    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    Service. For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please see:
    https://alerts.securityfocus.com/