Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 7 Aug 2010 17:47:04 +0000 (UTC)
From: Robert Ramsey <ramseyrt@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Cracking CISCO ASA 5510

01234567890123456789012345678901234567890123456789012345678901234567890123456789
> 
> On Mon, Feb 01, 2010 at 11:54:16AM -0300, Nahuel Grisol?a wrote:
> > Hello there, I want to crack the following:
> > 
> > username USER1 password 8X6XXXXXXXXXXHZB encrypted
> > username USER2 password H1HXXXXXXXXX8rwR. encrypted
> > 
> > Does JtR support this?
> 
> I was too quick to state that this was not supported.  It is.  It turns
> out that this is the same hashing method that Cisco PIX uses:
> 
> $ cat pw
> cisco:2KFQnbNIdI.2KYOU
> 
> $ ./john pw
> Loaded 1 password hash (PIX MD5 [pix-md5 MMX])
> cisco            (cisco)
> 

Hello,

Using the example above, I was not able to get john to accept my Pix or ASA
passwords.  I even copied in the cisco:2KFQnbNIdI.2KYOU from above as a test.
When I run john on any of my Pix or ASA passwords or the example above I get
the following output:

[rramsey@...ora run]$ cat test.pw 
cisco:2KFQnbNIdI.2KYOU

[rramsey@...ora run]$ ./john test.pw
No password hashes loaded

[rramsey@...ora run]$ whereis john
john: /usr/bin/john /etc/john.conf /usr/libexec/john /usr/share/john

[rramsey@...ora run]$ /usr/bin/john test.pw
No password hashes loaded

The two versions of jtr I tried follow:

john-1.7.6.tar (source), using linux-x86-sse2 with make
john-1.7.3.4-1.fc13.i686 (rpm), pulled down with yum

Looking at the example above this should just work.  Am I missing something?

When I try to crack a password from one of my 2500 series routers, john works
just fine:

[rramsey@...ora run]$ cat 2500.pw 
enable:$1$Tkln$T7WMpUgXmrrAhLV7ptiWB/
home:$1$7OIB$denN36OJ68zxWcPIdZsGI.

[rramsey@...ora run]$ ./john --wordlist=password.lst 2500.pw
Loaded 2 password hashes with 2 different salts (FreeBSD MD5 [32/32])
cangetin         (enable)
cangetin         (home)
guesses: 2  time: 0:00:00:00 100%  c/s: 16.66  trying: cangetin

Looking at output from od -c on both of my password files, there's nothing
unusual:

[rramsey@...ora run]$ od -c test.pw
0000000   c   i   s   c   o   :   2   K   F   Q   n   b   N   I   d   I
0000020   .   2   K   Y   O   U  \n
0000027
[rramsey@...ora run]$ od -c 2500.pw 
0000000   e   n   a   b   l   e   :   $   1   $   T   k   l   n   $   T
0000020   7   W   M   p   U   g   X   m   r   r   A   h   L   V   7   p
0000040   t   i   W   B   /  \n   h   o   m   e   :   $   1   $   7   O
0000060   I   B   $   d   e   n   N   3   6   O   J   6   8   z   x   W
0000100   c   P   I   d   Z   s   G   I   .  \n
0000112

Thanks,

Rob


Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.