Crack Cisco Password Type 5

I ve got a copy of a Cisco ASA config and i want to crack the following example passwords. I ve got the following lines in the config. ASA Version 8.4 2.

Cisco type 5 Password Decryption

Started by swagat admin, Oct 26 2010 PM

Please log in to reply

5 replies to this topic

Posted 26 October 2010 - PM

Hi,

If Any One Post Me A Solution To Decrypt The Type 5 Cisco Password.

0

Location:somewhere at Cisco universe

Posted 27 October 2010 - AM

It is simply impossible to decrypt it because it s a salted MD5 hash. Only type 7 passwords can be decrypted. Type 5 passwords can only be attacked via brute-force.

If you don t know the difference between hashing and encrypting passwords then it s time to ask Mr. Wiki or Mr. Google.

Gender:Female

Posted 28 October 2010 - PM

Here s a tool you may be looking for - this tool, although it s called decrypter, doesn t exactly decrypts the hash, but it searches for the hash in its database.

If u send me the encrypted password afterthen i can decryption.

Location:Spain

This is a rainbow table.

In a rainbow table, you look for the hash, but you are not sure if the original clear-text is the same, because is just a hash algorithm collision.

I don t know if Cisco just hashes the password, or also hash the username and/or some kind of seed.

0.

crack cisco password type 5

Cisco type 7 password decrypt hack crack. This page allows users to reveal Cisco Type 7 encrypted passwords. Crack Cisco Secret 5 Passwords. Understand the.

Have you got a type 5 password you want to break. Try our Cisco IOS type 5 enable secret password cracker instead.. What s the moral of the story.

Crack Cisco IOS Password Hashes, Crack Cisco Type 5 Type 7 Password Hashes

Tweet

Cisco devices running the Cisco IOS have three types of ways to display passwords in the device configuration which include Type 0, Type 5, and Type 7. Below we describe all three methods of storing passwords in the Cisco IOS device configuration and how to obtain the password from each method either by simply reading the password, by quickly converting the password from the Cisco defined encryption algorithm, or by cracking MD5 UNIX password hashes.

Cisco Password Types:

Cisco Type 0 Password: These passwords are stored in IOS configuration as plaintext. Least secure.

Cisco Type 5 Password: These passwords are stored as MD5 UNIX hashes which are salted. Most secure.

Cisco Type 7 Password: These passwords are stored in a Cisco defined encryption algorithm. Not secure except for protecting against shoulder surfing attacks.

Crack Cisco Type 5 Password Hashes:

The most secure of the available password hashes is the Cisco Type 5 password hash which is a MD5 Unix hash. My preferred application to crack these types of hashes is oclHashcat and more specifically oclHashcat-plus which is open source and can be downloaded here. oclHashcat-plus takes advantage of GPU s instead of CPU s which makes it extremely fast when cracking passwords. Below is information on what the Cisco configuration line will look like that stores the Type 5 password, an example Cisco Type 5 password hash, and an example cracking a Cisco Type 5 password.

Cisco Type 5 Password Example In Cisco IOS Configuration:

enable secret 5 1 c7We oWwyT8o77NKC.4FfDlDNV0

In the above example the password was set as QUESTIONDEFENSE and below you can see an example of oclHashcat working to crack the Type 5 password hash from the above example. In the command issued below the –gpu-watchdog 0 switch tells oclHashcat to not monitor the GPU temperature, the -m 500 switch tells oclHashcat what type of hash we are cracking in this example it is MD5 Unix, ciscotype5.txt is a text file located in the same directory as the oclHashcat application and includes our example hash, and /wordlists/small.dic specifies the wordlist we are using in this example.

Cracking Cisco Type 5 Password Hash With oclHashcat-Plus:

root dev oclHashcat-plus-0.06 . /oclHashcat-plus64.bin --gpu-watchdog 0 -m 500 ciscotype5.txt /wordlists/small.dic oclHashcat-plus v0.6 by atom starting Hashes: 1 Unique salts: 1 Unique digests: 1 Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes GPU-Loops: 64 GPU-Accel: 40 Password lengths range: 1 - 15 Platform: AMD compatible platform found Watchdog: Temperature limit disabled Device 1: Cayman, 2048MB, 0Mhz, 24MCU Device 2: Cayman, 2048MB, 0Mhz, 24MCU Device 3: Cayman, 2048MB, 0Mhz, 24MCU Device 4: Cayman, 2048MB, 0Mhz, 24MCU Device 1: Allocating 144MB host-memory Device 1: Kernel. /kernels/4098/m0500.Cayman.64.kernel 796578 bytes Device 2: Allocating 144MB host-memory Device 2: Kernel. /kernels/4098/m0500.Cayman.64.kernel 796578 bytes Device 3: Allocating 144MB host-memory Device 3: Kernel. /kernels/4098/m0500.Cayman.64.kernel 796578 bytes Device 4: Allocating 144MB host-memory Device 4: Kernel. /kernels/4098/m0500.Cayman.64.kernel 796578 bytes Scanned dictionary /wordlists/small.dic: 792070995 bytes, 60122736 words, starting attack 1 c7We oWwyT8o77NKC.4FfDlDNV0:QUESTIONDEFENSE Status.: Cracked Hash.Type.: md5crypt, MD5 Unix, FreeBSD MD5, Cisco-IOS MD5 Input.Mode: File /wordlists/small.dic Time.Running.: 12 secs Speed.Plains.: 7892.3k c/s Speed.Words..: 7892.3k c/s Recovered.: 1/1 Digests, 1/1 Salts Progress..: 59738641/60122736 99.36 Started: Tue Aug 30 :17 2011 Stopped: Tue Aug 30 :33 2011 root dev oclHashcat-plus-0.06

As you can see above oclHashcat-plus is really fast and was able to crack the password hash in 12 seconds at a rate of 7.892 million combinations per second. With GPU password cracking there are not many passwords that are safe anymore. Below is an example I used in a previous article of cracking a Cisco Type 7 password using a simple Perl script. In the example below I ran the Perl script on my Macbook and the password was returned in less than 5 seconds.

Cracking Cisco Type 7 Password Hashes With Perl Script:

devqd: alex perl cdecrypt.pl 04480E051A33490E secure devqd: alex

You can find the details of the Perl script used above in this article. So no matter how the password is stored in a Cisco configuration if you have access to the configuration you can likely crack the password.

No more Password Misery tm Useful Cisco Password Utilities, or Uk. Pooh. for short.

Jan 09, 2012  The BackTrack 5 Live DVD. BackTrack is a bootable Linux distribution that s filled to the brim with network testing tools, and while it s not strictly.

crack cisco password type 5

Aug 18, 2011  Crack Cisco IOS Password Hashes, Crack Cisco Type 5 Type 7 Password Hashes Question Defense.

Fastest, tested, mostly free password recovery software with benchmarks and review.

Password recovery is a fairly frequently used procedure for administrators and engineers. Even though we usually stack our passwords in some word, excel or text.

So you have a cisco device that is password protected, perhaps it is a mission critical core device and you lost the password. It doesn t matter why, but maybe when.