[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 12 Apr 2013 20:42:45 +0200
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: Cisco ACS username: hash or crypt or.... and de-encoding?
On 12 Apr, 2013, at 19:38 , Leif Sawyer <lsawyer@....com> wrote:
> I looked through the archives but didn't see anything related...
>
> For Cisco ACS 5, in the CLI administration, a "repository" is defined for the system
> to pull or push backups and patches.
>
> Part of the repo definition is an optional username and password (for ftp, say),
> and is defined thusly:
>
> ACS(config)# repository test-ftp
> ACS(config-repository)# user TestUser password plain abc123
>
> which looks like this afterward:
>
> ACS(config)# do sho run | include TestUser
> user Testuser password hash 0c5eadecc96d64ebe2b9e1d3b636d6053e3898bb
>
> I noted that Cisco calls it a 'hash' -- but since it needs to be cleartext for the ftp process to use it,
> wouldn't this be a misnomer?
I think so.
> In any case, here's a handful of different passwords and hashes, in case somebody can
> do something with it:
I think we need these cases as well:
a) two different usernames but with same password
b) two different passwords but with same username
magnum
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux -
Powered by OpenVZ
