Recovering an encrypted enable secret password from a printed configuration

Unanswered Question
Apr 26th, 2007
User Badges:

I am working at a new customer site. They had some issues with their former Network Admin; apparently he was the only one whom knew the "enable secret" to logon to the Edge Router( 3600 box).

I have a printed copy of the configuration. The configuration is using the global "service-password encryption" command, and therefore I cannot tell what the configured enable secret password is.

Is there a way I can descrable the encrypted password from the printed config??

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
situwayne Thu, 04/26/2007 - 11:26
User Badges:

I don't think you can discramble the "enable secret password", because it's MD5 hash.

Since you have the printed config, you can use snmp to change it.

Kevin Melton Thu, 04/26/2007 - 11:47
User Badges:

I am unclear why you say I can use snmp to change it.... using specifically what??


situwayne Thu, 04/26/2007 - 13:32
User Badges:

snmp-server community Private RW

assuming there is no access-list to prevent you from using snmp to access the router, there are numerous utilities out there which will allow you to modify the config using snmp rw community. the router does not have to reload using this method.


do password recovery as suggested.

avmabe Thu, 04/26/2007 - 12:29
User Badges:
  • Bronze, 100 points or more

No. You can do nothing with an "enable secret" password from printed text.


This Discussion