Re: crack password without turn on/off the cisco router power. help!!

From: David L Stewart (D.Stewart@xxxxxxxxxxxxxxx)
Date: Tue Aug 15 2000 - 11:20:18 GMT-3

• Next message: Brian S turner: "RE: how to change the reverse telnet line speed to ???"
• Previous message: Brian S turner: "RE: How to find the Type-Code in Cisco CD?"
• Maybe in reply to: qq: "crack password without turn on/off the cisco router power. help!!"
• Next in thread: Brian Hescock: "Re: crack password without turn on/off the cisco router power. help!!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
John,

What you are trying is impossible by design for security
reasons. That doesn't mean the router admin can't put holes
in this and make it possible. If he does, he is putting his
network at risk. I can think of two cases for this.

In cases where the BREAK has been left active, this does allow
you to do what you want _if_ you have access to the router's
CON and not just a VTY. Do a "sh ver" and see if the config
reg has the ignore BREAK bit set: a 0x2102 is normal but if
it is 0x2002 (break active) or 0x2042 (break active and set to
ignore cofig in NVRAM), you can send the router a BREAK and
enter into rommon mode. In rommon, you can set the config-reg
to ignore the current config (if not already set to do so) and
reload with no passwords set. After a reload, you can enable,
then config mem to get an enabled configured router prompt.

This can also be done in hardware. The only one who does this
is r1r2.com on their labs. Their method is to detect a BREAK
and force a reset of the router. Then, subsequent BREAK signals
go to the router console rather than cause another reset. This
is not a production environment and would be foolish to do in
a production environment. Their web page is www.r1r2.com.

Most other labs on the 'net have remote control power strips
that cycle power to the equipment for password recovery. The
power strip access is a separate connection and can be password
protected or assigned a special ascii code which you must know.

You may want to look at Cisco's password recovery page. There
are ways to break into all Cisco gear. All methods require
some type of physical access to the router or switch.

Good luck
Dave

At 09:37 PM 8/13/00, qq wrote:
>hi,
> who can shed some light on me.
> if not permit touch the power of cisco router, and also you are at the
> status of normal mode, not exec privilege mode, can somebody crack the
> password of the cisco router?
>
> just like status below:
>
>
> router>
>
>can somebody crack the password?
>
>this is really stuck me!
>
>

• Next message: Brian S turner: "RE: how to change the reverse telnet line speed to ???"
• Previous message: Brian S turner: "RE: How to find the Type-Code in Cisco CD?"
• Maybe in reply to: qq: "crack password without turn on/off the cisco router power. help!!"
• Next in thread: Brian Hescock: "Re: crack password without turn on/off the cisco router power. help!!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:24:26 GMT-3