help w/ password

Unanswered Question
Jul 27th, 2009

I deleted a sheet of passowrd for my cisco router. now no access. the router are remote. anyone can help or suggest something, I am not in good position now

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (5 ratings)
John Blakley Mon, 07/27/2009 - 13:39

The only thing you'll be able to do is console in and do a password recovery on them if you don't remember the passwords. Physical access is the only option now.



slmansfield Mon, 07/27/2009 - 16:34

As it explains in the URL, the type 7 enable password can be decrypted easily with a readily available password cracking utility. I guess it was fortunate for you that you were not using the enable secret password, since it cannot be decrypted in the same manner.

cisco steps Tue, 07/28/2009 - 05:09

the queston is how he got the ftp server to get the config from the router. not how password is decrypted. I think everyone that is working w/ cisco knows that type 7 can be decrypted , Thanks for your input.

John Blakley Tue, 07/28/2009 - 05:26


If I understand your question, you can have an ftp server enabled on some IOS versions. I don't have any versions on my network that support it, but it can be configured with "ftp-server enable." Then you share the top directory to share through ftp.

Here's some documentation:

I have to tell you that I would see this as a major security risk. It may have helped you in this instance, but should this router ever get compromised, the same thing that helped could wreak major havoc on your network. I would recommend disabling the ftp service.



cisco steps Tue, 07/28/2009 - 05:34


Thanks a lot for your explanation, there is a radius configured as welll as a firewall b4 you can acccess the network router. so we got that part covered "I think". as always .Thanks for taking the time to help out....

milan.kulik Tue, 07/28/2009 - 05:41


just some general ideas:

1) ad the deleted sheet:

no file backup or older version, printed version in a deposit, or file recovery procedure available?

2) no router config copy saved?

Passwords are usually not changed frequently.

3) It might be possible to get the config from the router via SNMP - I never made it personally but remember some documents on CCO.

Isn't there SNMP access available to the router?

4) Last chance is password recovery with physical access to the router console.



John Blakley Tue, 07/28/2009 - 08:02


You won't be able to write the snmp value unless you have RW enabled on the router. If you have the config file, look at your "snmp-server " line and see if you have an RO or RW after, or possibly different communities with RO and RW:

snmp-server public RO

snmp-server private RW

If you don't have one that has the RW after it, you won't be able to write your snmp string to change the password.

I thought the password has been changed, or at least figured out from the ftp transfer and decryption?



cisco steps Tue, 07/28/2009 - 08:21

John- here is what I have as far as snmp community..

snmp-server community homeboy RO 99

snmp-server community homenut RW 99

snmp-server ifindex dogfight

snmp-server enable traps tty

John Blakley Tue, 07/28/2009 - 08:24


The "99" at the end of this line is an acl. Do you know if this acl allows the host/subnet that you're coming from to write to the router? I can set a lab up and see if I can change a password if your acl clearly shows that you have access to write to it.



cisco steps Tue, 07/28/2009 - 08:32

yes I can write to the router and do config change if I want to. Hope this helps


milan.kulik Wed, 07/29/2009 - 00:31


wouldn't it be easier to udelete/repair your deleted password sheet file?



cisco steps Wed, 07/29/2009 - 16:08

did not uderstand your question ?

I deleted the file from my pc . what is you question or suggestion ?

milan.kulik Thu, 07/30/2009 - 00:28


depending on you PC operating system, there should be tools availabe to undelete the file (restore from Windows Trash is the most primitive one, but there are much more sophisticated tools available).

It's still on the disk probably (untill the hard disk sectors overwritten by another file), only not accessible at the moment.




This Discussion