Penetration Testing mailing list archives
RE: cracking cisco passwords
From: "woody weaver" <woody () callisma com>
Date: Mon, 15 Oct 2001 21:27:50 -0700
On Monday, October 15, 2001 8:31 AM, Joshua Wright [mailto:Joshua.Wright () jwu edu] wrote:
Brute force with a dictionary attack would be your best option. The type 5 password is based on the MD5 hash algorithm. You could create a perl program with a CPAN module to calculate the hashes.
One could. However, I think "John the Ripper" is a better approach. Its available at the usual places, and provides an effective brute force engine. Because the Cisco approach is based upon the BSD code, you can use the BSD password format -- feed john a file like jason:$1$6Je2$MurE4FTzoZjQShRW4Ui9H0:::::::: But realize this is a hard task. I get around 1400 crypts per second on this laptop -- so a conventional dictionary falls pretty quickly. But if the site has a sound password creation policy, you are not going to succeed with a brute force approach without some serious parallelization. --woody ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- cracking cisco passwords Jason binger (Oct 15)
- Re: cracking cisco passwords Volker Tanger (Oct 15)
- Re: cracking cisco passwords Jason Witty, CISSP (Oct 15)
- Re: cracking cisco passwords Damiano Scrigni (Oct 15)
- Re: cracking cisco passwords Jim Duncan (Oct 15)
- Re: cracking cisco passwords Jim Duncan (Oct 15)
- <Possible follow-ups>
- RE: cracking cisco passwords Joshua Wright (Oct 15)
- RE: cracking cisco passwords woody weaver (Oct 16)