Thursday, November 15, 2007

Cisco IOS: Decrypt Cisco Type 7 passwords on Cisco Router


Cisco IOS hints and tricks: Type 7 decryption in Cisco IOS


Type 7 decryption in Cisco IOS


You don't need password crackers to decode type-7 passwords, you just need access to a router. Here's how you do it:


We'll turn on type-7 encryption for local passwords and generate a test username



R1(config)#service password-encryption
R1(config)#username test password t35t:pa55w0rd


Next we'll inspect the generated username with the show running command



R1(config)#do show run | include username
username test password 7 08351F1B1D431516475E1B54382F


Now we'll create a key chain and enter the type-7 encrypted password as the key string …



R1(config)#key chain decrypt
R1(config-keychain)#key 1
R1(config-keychain-key)#key-string 7 08351F1B1D431516475E1B54382F


… and the show command does the decryption for us.



R1(config-keychain-key)#do show key chain decrypt
Key-chain decrypt:
key 1 -- text "t35t:pa55w0rd"
accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]



Technorati :
Del.icio.us :
Ice Rocket :