From: kym blair (kymblair@xxxxxxxxxxx)
Date: Thu Dec 13 2001 - 22:47:56 GMT-3
Charles,
I just tested this procedure several times on a 2620 and it worked as
described below; once it allowed a break as if "no security
password-recovery" was not set, and I still got in.
The "no service password-recovery" is not available on my 2500 12.2(1) or
4700M 12.2(6), both running enterprise plus.
Kym
>From: "kym blair" <kymblair@hotmail.com>
>Reply-To: "kym blair" <kymblair@hotmail.com>
>To: CharlesNY2000@Yahoo.Com, ccielab@groupstudy.com
>Subject: Re: Password recovery on a password recovery disabled router
>Date: Fri, 14 Dec 2001 00:54:05 +0000
>
>>From: "Charles Huang" <CharlesNY2000@Yahoo.Com>
>>Reply-To: "Charles Huang" <CharlesNY2000@Yahoo.Com>
>>To: <ccielab@groupstudy.com>
>>Subject: Password recovery on a password recovery disabled router
>>Date: Mon, 10 Dec 2001 10:25:44 -0500
>>
>>Does anybody know how to break a password with password recovery disabled
>>router ?
>Charles,
>
>Check the archives; that was explained (with complete example from a 2620)
>a few weeks ago. Basically, the answer was:
>
>1) do cold boot, don't "break" yet, see message "PASSWORD RECOVERY
>FUNCTIONALITY IS DISABLED, still don't "break" yet, see image
>decompressing,
>still don't "break" yet, see Cisco IOS Version ... copyright ... compiled
>Tue 21-Mar-01 ... Image text-base: 0x80008088 ...
>
>2) BREAK NOW
>
>3) see:
>PASSWORD RECOVERY IS DISABLED.
>Do you want to reset the router to factory default config [y/n] YES
>(enter YES)
>
>4) router boots but acts like you just entered the "no service
>password-recovery" command, and it asks:
>Are you sure you want to continue? [yes/no] NO
>(enter NO)
>
>5) Lets you into privileged mode and the startup-config is still okay.
>
>I have not tested this yet, but the discussion was thorough; the guy knew
>what he was talking about. Good luck.
>
>Kym
>
>
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:32:43 GMT-3