From: miguel.dilaj@pharma.novartis.com
Date: Wed Dec 10 2003 - 12:16:50 EST
Hi Paul,
As far as I remember, those $2 should correspond to BlowFish.
Anyway, it's the first time I see that on Cisco devices, but that's not my
specific field of expertise.
John can crack BlowFish (again: AFAIR), so if they're not recognized
perhaps something is different.
Can you post an example hash? (One for which you know the password).
Cheers,
Miguel
"Paul Bakker" <bakker@fox-it.com>
10/12/2003 11:32
To: <pen-test@securityfocus.com>
cc:
Subject: Cisco Catalyst 4006 CatOS Password Hash
During a pentest/audit I received from the client the configurations for
their Cisco Catalyst 4006 and their other Cisco IOS switches.
The passwords in the Cisco IOS configuration file are in in the known
usual format of the FreeBSD MD5 hash...
Like $1$xxxx$xxxxxxxxxxxxxxxxxxx
These are easily crackable/recognized by both John the Ripper and
Cain&Abel.
The passwords on the Catalyst are in the same format (for the eye), but
instead of starting with $1$ they start with $2$..... Both John and Cain
do not recognize these hashes.
Can anybody shed some light on the hash function used to create these and
any tools that can be used to eudit the password strenght of these
passwords (Or how John or Cain can be sed for this...)
-- Paul Bakker --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:44 EDT