From: Harbir Kohli (harbirk@xxxxxxxxxxxx)
Date: Tue Aug 15 2000 - 14:17:03 GMT-3
And how do you send the break sequence?
Brian Hescock wrote:
> Actually, you don't even need physical access, here's how:
>
> me on my pc ------------------modem --terminal server ----router
>
> This is a common procedure for some Fortune 500 companies. It also
> provides you a safe way to remotely do IOS upgrades, even if it doesn't
> boot properly you can still get in via console. Password recovery is a
> breeze also.
>
> Brian
>
> On Tue, 15 Aug 2000, David L Stewart wrote:
>
> > John,
> >
> > What you are trying is impossible by design for security
> > reasons. That doesn't mean the router admin can't put holes
> > in this and make it possible. If he does, he is putting his
> > network at risk. I can think of two cases for this.
> >
> > In cases where the BREAK has been left active, this does allow
> > you to do what you want _if_ you have access to the router's
> > CON and not just a VTY. Do a "sh ver" and see if the config
> > reg has the ignore BREAK bit set: a 0x2102 is normal but if
> > it is 0x2002 (break active) or 0x2042 (break active and set to
> > ignore config in NVRAM), you can send the router a BREAK and
> > enter into rommon mode. In rommon, you can set the config-reg
> > to ignore the current config (if not already set to do so) and
> > reload with no passwords set. After a reload, you can enable,
> > then config mem to get an enabled configured router prompt.
> >
> > This can also be done in hardware. The only one who does this
> > is r1r2.com on their labs. Their method is to detect a BREAK
> > and force a reset of the router. Then, subsequent BREAK signals
> > go to the router console rather than cause another reset. This
> > is not a production environment and would be foolish to do in
> > a production environment. Their web page is www.r1r2.com.
> >
> > Most other labs on the 'net have remote control power strips
> > that cycle power to the equipment for password recovery. The
> > power strip access is a separate connection and can be password
> > protected or assigned a special ascii code which you must know.
> >
> > You may want to look at Cisco's password recovery page. There
> > are ways to break into all Cisco gear. All methods require
> > some type of physical access to the router or switch.
> >
> > Good luck
> > Dave
> >
> > At 09:37 PM 8/13/00, qq wrote:
> > >hi,
> > > who can shed some light on me.
> > > if not permit touch the power of cisco router, and also you are at the
> > > status of normal mode, not exec privilege mode, can somebody crack the
> > > password of the cisco router?
> > >
> > > just like status below:
> > >
> > >
> > > router>
> > >
> > >can somebody crack the password?
> > >
> > >this is really stuck me!
> > >
> > >
> >
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:24:26 GMT-3
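
Added example, not part of the original thread: an audit check for the configuration register values discussed above (0x2102, 0x2002, 0x2042), run over the "Configuration register is ..." line of "sh ver" output. The function names and sample lines are constructed for illustration; the bit meanings assumed are bit 8 (0x0100) = BREAK disabled and bit 6 (0x0040) = ignore the config in NVRAM.

```python
import re

# Assumed bit meanings (consistent with the values quoted in the thread):
BREAK_DISABLED = 0x0100   # bit 8: set = console BREAK is ignored after boot
IGNORE_NVRAM = 0x0040     # bit 6: set = startup config in NVRAM is skipped

# Matches the running value and, if present, the value pending for next reload.
CONFREG_RE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]+)"
    r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?"
)


def check_value(value):
    """Return the list of findings for one config-register value."""
    findings = []
    if not value & BREAK_DISABLED:
        findings.append("break-active")
    if value & IGNORE_NVRAM:
        findings.append("ignores-nvram-config")
    return findings


def audit_show_version(text):
    """Audit the current and pending config register found in 'sh ver' output."""
    match = CONFREG_RE.search(text)
    if match is None:
        raise ValueError("no configuration register line found")
    result = {"current": check_value(int(match.group(1), 16))}
    if match.group(2):
        # A pending change only takes effect after the next reload.
        result["next_reload"] = check_value(int(match.group(2), 16))
    return result


# Constructed sample lines, one per register value named in the thread.
SAMPLES = {
    "normal": "Configuration register is 0x2102",
    "break": "Configuration register is 0x2002",
    "break+ignore": "Configuration register is 0x2042",
    "pending": "Configuration register is 0x2102 (will be 0x2042 at next reload)",
}

if __name__ == "__main__":
    for name, line in SAMPLES.items():
        print(name, audit_show_version(line))
```

A device that reports anything other than an empty findings list for either value deserves a look at who can reach its console line, including through a modem or terminal server.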