From: Marc.Werner@t-systems.com
Date: Thu Jul 21 2005 - 01:34:29 EDT
Thank you very much, it works!!!
Rgds Marc
-----Ursprüngliche Nachricht-----
Von: Luis Cerdas [mailto:luis.cerdas@rawten.net]
Gesendet: Mittwoch, 20. Juli 2005 21:53
An: Werner, Marc
Cc: pen-test@securityfocus.com
Betreff: Re: Penetrating a Cisco Catalyst with CatOS
Marc, checking over the list, it seems that this was discussed on
December 2003; indeed it usually means blowfish encryption and
according to Frisbie (http://www.securityfocus.com/archive/101/347334),
you can change the $2$ to $1$ and attack it with John the ripper. I
haven't tried it myself, but it might work.
Regards,
Luis Cerdas
Partner & Director
Rawten Latinoamerica, S.A.
Mobile: +506 371 7000
Office: +506 224 0432
US Voicemail: +1 (866) 303 1154
On Jul 20, 2005, at 6:22 AM, Marc.Werner@t-systems.com wrote:
> Hi list,
>
> in my actual pen-test-project I was able to get a cisco-config by
> SNMP. The passwords are encrypted. Does anyone know the algorithm? The
> password hash starts with $2$, an "normal" IOShash starts with $1$. Is
> it probably blowfish?
> Thanks for your help in advance!!!
>
>
> Mit freundlichen Grüßen / Kind regards
>
> Marc Werner
> T-Systems International GmbH
> Research & Development Engineer
> Technology Center
> Engineering Networks, Products & Services
> Multi Access Solutions & AAA Technologies
> Sendefunkstelle Haus 5, 25335 Elmshorn
> Tel +49 4121 29198819
> PC Fax +49 1805 3344902042
> Fax +49 4121 29198899
> Mobil +49 170 5637815
> E-Mail: marc.werner@t-systems.com
> Internet: http://www.t-systems.com
>
>
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:36 EDT