So now that I’ve found these Type 7 passwords, I need a way to reverse them. This policy applies to both user accounts and passwords applied to the VTY or Console lines. Due to this, it is never a good idea to use Type 7 passwords. Type 7 passwords use a very weak algorithm that can be easily reversed, but the “secret” command utilizes a MD5 hash which is much more secure. The difference between these two storage methods ( password or secret) are the hashing algorithms. Whereas, the second user was created with this command: This is because the first user was created with a command like this: Note that both of these accounts have the same privilege level, but that the passwords are stored differently. The fact that they were using default cisco/cisco credentials made me cry a little inside, but wait, it gets worse… So I’m in the router, reviewing the running config, and I notice something interesting. While working on a recent pen test, I came across a few Cisco routers sitting on an internal network.
0 Comments
Leave a Reply. |