Recovering an encrypted enable secret password from a printed configuration

Unanswered Question
Apr 26th, 2007

I am working at a new customer site. They had some issues with their former Network Admin; apparently he was the only one whom knew the "enable secret" to logon to the Edge Router( 3600 box).

I have a printed copy of the configuration. The configuration is using the global "service-password encryption" command, and therefore I cannot tell what the configured enable secret password is.

Is there a way I can descrable the encrypted password from the printed config??

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
situwayne Thu, 04/26/2007 - 11:26

I don't think you can discramble the "enable secret password", because it's MD5 hash.

Since you have the printed config, you can use snmp to change it.

Kevin Melton Thu, 04/26/2007 - 11:47

I am unclear why you say I can use snmp to change it.... using specifically what??

thx

situwayne Thu, 04/26/2007 - 13:32

snmp-server community Private RW

assuming there is no access-list to prevent you from using snmp to access the router, there are numerous utilities out there which will allow you to modify the config using snmp rw community. the router does not have to reload using this method.

or

do password recovery as suggested.

avmabe Thu, 04/26/2007 - 12:29

No. You can do nothing with an "enable secret" password from printed text.

Actions

This Discussion