Re: crack password without turn on/off the cisco router power. help!!

From: Brian Hescock (bhescock@xxxxxxxxx)
Date: Tue Aug 15 2000 - 14:53:34 GMT-3


   
If you're using a unix box you can send a break through the terminal
server by using <shift><right bracket> where "right bracket" is the
"]" key. You'll get a prompt that says "telnet>". From there just enter
"send break" and press enter.

Brian

On Tue, 15 Aug 2000, Harbir Kohli wrote:

> And how do you send the break sequence ?
>
> Brian Hescock wrote:
>
> > Actually, you don't even need physical access, here's how:
> >
> > me on my pc ------------------modem --terminal server ----router
> >
> > This is a common procedure for some fortune 500 companies. It also
> > provides you a safe way to remotely do IOS upgrades, even if it doesn't
> > boot properly you can still get in via console. Password recovery is a
> > breeze also.
> >
> > Brian
> >
> > On Tue, 15 Aug 2000, David L Stewart wrote:
> >
> > > John,
> > >
> > > What you are trying is impossible by design for security
> > > reasons. That doesn't mean the router admin can't put holes
> > > in this and make it possible. If he does, he is putting his
> > > network at risk. I can think of two cases for this.
> > >
> > > In cases where the BREAK has been left active, this does allow
> > > you to do what you want _if_ you have access to the router's
> > > CON and not just a VTY. Do a "sh ver" and see if the config
> > > reg has the ignore BREAK bit set: a 0x2102 is normal but if
> > > it is 0x2002 (break active) or 0x2042 (break active and set to
> > > > ignore config in NVRAM), you can send the router a BREAK and
> > > enter into rommon mode. In rommon, you can set the config-reg
> > > to ignore the current config (if not already set to do so) and
> > > reload with no passwords set. After a reload, you can enable,
> > > then config mem to get an enabled configured router prompt.
> > >
> > > This can also be done in hardware. The only one who does this
> > > is r1r2.com on their labs. Their method is to detect a BREAK
> > > and force a reset of the router. Then, subsequent BREAK signals
> > > go to the router console rather than cause another reset. This
> > > is not a production environment and would be foolish to do in
> > > a production environment. Their web page is www.r1r2.com.
> > >
> > > Most other labs on the 'net have remote control power strips
> > > that cycle power to the equipment for password recovery. The
> > > power strip access is a separate connection and can be password
> > > protected or assigned a special ascii code which you must know.
> > >
> > > You may want to look at Cisco's password recovery page. There
> > > are ways to break into all Cisco gear. All methods require
> > > some type of physical access to the router or switch.
> > >
> > > Good luck
> > > Dave
> > >
> > > At 09:37 PM 8/13/00, qq wrote:
> > > >hi,
> > > > who can shed some light on me.
> > > > > if not permit touch the power of cisco router, and also you are at the
> > > > status of normal mode, not exec privilege mode, can somebody crack the
> > > > password of the cisco router?
> > > >
> > > > just like status below:
> > > >
> > > >
> > > > router>
> > > >
> > > >can somebody crack the password?
> > > >
> > > >this is really stuck me!
> > > >
> > > >
> > >


