Root me — Cisco Password Write-up

Cisco內建有針對Config做保護的指令,但你知道可以被解開嗎?

Root me 這個平台有一題為解出Cisco 設備的Config 密碼的練習!

題目Link:

解題

因為Cisco 內密碼加密的方式是可逆的,來看一下Config一小段內容:

hostname rmt-paris
!
security passwords min-length 8
no logging console
enable secret 5 $1$p8Y6$MCdRLBzuGlfOs9S.hXOp0.
!
username hub password 7 025017705B3907344E
username admin privilege 15 password 7 10181A325528130F010D24
username guest password 7 124F163C42340B112F3830

我們可以將三個password後面的數值丟去線上解密的平台看看

得到結果如下:

  1. hub:6sK0_hub
  2. admin:6sK0_admin
  3. guest:6sK0_guest

所以依照順序,hub解出hub,猜的到答案應該是

enable:6sK0_enable

業餘資安寫手,成員來自於四大會計師事務所、不同類型的資安與科技公司,希望透過紀錄所學的知識來回饋於社群上,互相學習分享。另提供企業資安顧問服務,依照企業規模與需求評估企業網路安全設計、基礎資訊安全防禦規劃。contact@kuronetwork.me

Recommended from Medium

HTB Retired Box Walkthrough: Beep

Daily links of Fernand0 — Enlaces diarios de Fernand0 — Issue #356

DNS Exfiltration By Living Off The Land Technique (w/o PowerShell)

CENTUS Assets Re-issue

{UPDATE} 僕の彼女は人魚姫!? Hack Free Resources Generator

Al-Khaser — Public Malware Techniques used in the Wild: Virtual Machine, Emulation, Debuggers…

Connecting a Third Party WIFI Router to CenturyLink Fiber Optic Internet

Securing Your Wordpress Website

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Kuro Huang

Kuro Huang

充滿熱情的資安從業者,喜歡用專業興趣交朋友而非透過商業關係建立友誼。目前於安永 ( EY ) 擔任資訊安全顧問,希望對資安社群盡一點心力,並期望自己與身旁的人能有所進步,歡迎喝咖啡聊資安。希望保持著定期參與資安社群活動。 LinkedIn好友、文章目錄與個人介紹請參考 :https://kuronetwork.me

More from Medium

Permission Master CyberTalents CTF #Linux Essentials

TryHackMe / Linux Fundamentals Part 1

HTB Write-up Jeeves (Windows) File Transferring with SMB file share(impacket tool), Poweshell &…

Tryhackme : Aratas