Root me — Cisco Password Write-up

Kuro Huang
資安工作者的學習之路
Published in
1 min readNov 16, 2019

--

Cisco內建有針對Config做保護的指令,但你知道可以被解開嗎?

Root me 這個平台有一題為解出Cisco 設備的Config 密碼的練習!

題目Link:

CISCO - password

CISCO - password : It's not always a hash.

www.root-me.org

解題

因為Cisco 內密碼加密的方式是可逆的,來看一下Config一小段內容:

hostname rmt-paris
!
security passwords min-length 8
no logging console
enable secret 5 $1$p8Y6$MCdRLBzuGlfOs9S.hXOp0.
!
username hub password 7 025017705B3907344E
username admin privilege 15 password 7 10181A325528130F010D24
username guest password 7 124F163C42340B112F3830

我們可以將三個password後面的數值丟去線上解密的平台看看

Cisco Password Cracker

Javascript tool to convert Cisco type 7 encrypted passwords into plain text so that you can read them. This is done…

www.ifm.net.nz

得到結果如下:

  1. hub:6sK0_hub
  2. admin:6sK0_admin
  3. guest:6sK0_guest

所以依照順序,hub解出hub,猜的到答案應該是

enable:6sK0_enable

其他聯絡方式 : https://kuronetwork.me/contact/

所有文章: https://kuronetwork.me/posts/

關於我: https://kuronetwork.me/about/

也歡迎繼續閱讀:

網路安全封包分析:Wireshark 快速判斷IP位置並找出可疑程式 — 使用GeoLite2

CTF Write-up 滲透測試系列

https://medium.com/blacksecurity/tagged/ctf

資訊安全系列

https://medium.com/blacksecurity/tagged/information-security

網路管理系列

https://medium.com/blacksecurity/tagged/network

財務金融系列

https://medium.com/blacksecurity/tagged/finance
Ctf
Root Me
Hackthebox
Tryhackme
Pentesting

--

--

Kuro Huang
資安工作者的學習之路

Written by Kuro Huang

760 Followers
Editor for

對教育充滿期待的資安從業者,現任ISC2台北分會理監事會成員,喜歡用專業興趣交朋友建立友誼。曾擔任資安管理師與四大會計師事務所資安顧問,希望對資安社群盡一點心力,並期望自己與身旁的人能有所進步,歡迎喝咖啡聊資安。希望保持著定期參與資安社群活動。 LinkedIn、文章目錄與個人介紹請參考 :kuronetwork.me

More from Kuro Huang and 資安工作者的學習之路

See all from Kuro Huang
See all from 資安工作者的學習之路

Recommended from Medium

Lists

Staff Picks

323 stories82 saves

Stories to Help You Level-Up at Work

19 stories53 saves

Self-Improvement 101

20 stories103 saves

Productivity 101

20 stories111 saves
See more recommendations

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech