Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

AW: Penetrating a Cisco Catalyst with CatOS [resolved]

from [Marc . Werner] Network Security [Permanent Link]
Subject: AW: Penetrating a Cisco Catalyst with CatOS [resolved]
Date: Thu, 21 Jul 2005 07:34:29 +0200 
Thank you very much, it works!!!

Rgds Marc

-----Ursprüngliche Nachricht-----
Von: Luis Cerdas [mailto:luis.cerdas@rawten.net] 
Gesendet: Mittwoch, 20. Juli 2005 21:53
An: Werner, Marc
Cc: pen-test@securityfocus.com
Betreff: Re: Penetrating a Cisco Catalyst with CatOS

Marc, checking over the list, it seems that this was discussed on 
December 2003;  indeed it usually means blowfish encryption and 
according to Frisbie (http://www.securityfocus.com/archive/101/347334), 
you can change the $2$ to $1$ and attack it with John the ripper.  I 
haven't tried it myself, but it might work.

Regards,
Luis Cerdas

Partner & Director
Rawten Latinoamerica, S.A.
Mobile: +506 371 7000
Office: +506 224 0432
US Voicemail: +1 (866) 303 1154

On Jul 20, 2005, at 6:22 AM, Marc.Werner@t-systems.com wrote:


Hi list,

in my actual pen-test-project I was able to get a cisco-config by 
SNMP. The passwords are encrypted. Does anyone know the algorithm? The 
password hash starts with $2$, an "normal" IOShash starts with $1$. Is 
it probably blowfish?
Thanks for your help in advance!!!


Mit freundlichen Grüßen / Kind regards

Marc Werner
T-Systems International GmbH
Research & Development Engineer
Technology Center 
Engineering Networks, Products & Services
Multi Access Solutions & AAA Technologies
Sendefunkstelle Haus 5, 25335 Elmshorn
Tel           +49 4121 29198819
PC Fax  +49 1805 3344902042
Fax           +49 4121 29198899
Mobil +49 170   5637815
E-Mail: marc.werner@t-systems.com
Internet: http://www.t-systems.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • AW: Penetrating a Cisco Catalyst with CatOS [resolved], Marc . Werner <=
Previous by Date:  Re: Penetrating a Cisco Catalyst with CatOS, Mark Teicher
Next by Date:  Unknown App, thenightweighsheavy
Previous by Thread:  VoIP testing Help, Mark Sec
Next by Thread:  Unknown App, thenightweighsheavy
Indexes:  [Date] [Thread] [Top] [All Lists]