What is Cisco enable secret password (Encrypted Privileged exec Password)

The Cisco enable secret password restricts access to enable mode and to the global configuration mode of a router. It is stored in encrypted form in the router’s configuration and is also called the encrypted privileged exec password; it is therefore hard for an intruder to break and cannot be seen.

-----Original Message-----
From: Pachulski, Keith [mailto:keithp corp ptd net]
Sent: Friday, November 04, 2005 8:02 AM
To: Unknown User; pen-test securityfocus com
Subject: RE: Cisco Secret 5 and John Password Cracker

Look for a program called tomas.exe aka Too Many Secrets - this one does work for the cisco passwords.

Type 5 Cisco Password Hashes

Type 5 encryption: Encrypted with the MD5 algorithm, type 5 passwords are the most secure of the three. There is currently no known method for decrypting a type 5 password.

5.1.2.4 Lab – Password Cracking Answers

Lab – Password Cracking (Answers Version)

Answers Note: Red font color or gray highlights indicate text that appears in the Answers copy only.

Objectives

Use a password cracking tool to recover a user’s password.

Background / Scenario

There are four user accounts, Alice, Bob, Eve, and Eric, on a Linux system. You will recover these passwords using John the Ripper, an open source password cracking tool.

Required Resources

  • PC with Ubuntu 16.04 Desktop LTS installed in a VirtualBox or VMware virtual machine.

Step 1: Open a terminal window in Ubuntu.

  1. Log in to Ubuntu using the following credentials:
    User: cisco
    Password: password
  2. Click on the terminal icon to open terminal.

Step 2: Run John the Ripper.

  1. At the command prompt, enter the following command to change to the directory where John the Ripper is located:
    cisco@ubuntu:~$ cd ~/Downloads/john-1.8.0/run
  2. At the command prompt, enter the following command :
    cisco@ubuntu:~/Downloads/john-1.8.0/run$ sudo ./unshadow /etc/passwd /etc/shadow > mypasswd
    This command will combine the /etc/passwd file, where user accounts are stored, with the /etc/shadow file, where the users’ password hashes are stored, into a new file called “mypasswd”.

Step 3: Recover Passwords.

  1. Type the following command in terminal:
    cisco@ubuntu:~/Downloads/john-1.8.0/run$ ./john --show mypasswd
    As shown above, there are no cracked passwords at this point.
  2. At the command prompt, enter the following command:
    cisco@ubuntu:~/Downloads/john-1.8.0/run$ ./john --wordlist=password.lst --rules mypasswd --format=crypt
    The program, John the Ripper, uses a predefined dictionary called password.lst with a standard set of predefined “rules” for handling the dictionary and retrieves all password hashes of both md5crypt and crypt type.
    The results below display the passwords for each account.
  3. At the command prompt, enter the following command:
    cisco@ubuntu:~/Downloads/john-1.8.0/run$ ./john --show mypasswd
    How many passwords were cracked?
    Five (5)—the four user accounts plus the Cisco account.
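
An added example (not part of the original lab or of John the Ripper): a small Python audit that performs the same merge unshadow does and then flags accounts whose password field uses a legacy scheme such as md5crypt or traditional crypt. The sample passwd/shadow contents are constructed placeholders, and the acceptable/weak split in SCHEMES is this example's assumption.

```python
import re

# Constructed sample files (not from a real system); salts and hashes are placeholders.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001::/home/alice:/bin/bash
bob:x:1002:1002::/home/bob:/bin/bash
eve:x:1003:1003::/home/eve:/bin/bash
"""
SAMPLE_SHADOW = """\
root:!:17000:0:99999:7:::
alice:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:17000:0:99999:7:::
bob:$1$CONSTRUCTEDSALT$CONSTRUCTEDHASH:17000:0:99999:7:::
eve:CONSTRUCTED00:17000:0:99999:7:::
"""

# crypt(3) prefix -> (scheme, acceptable?). Assumed policy; $1$ is also Cisco type 5.
SCHEMES = {"$1$": ("md5crypt", False), "$5$": ("sha256crypt", True),
           "$6$": ("sha512crypt", True), "$y$": ("yescrypt", True),
           "$2a$": ("bcrypt", True), "$2b$": ("bcrypt", True), "$2y$": ("bcrypt", True)}
DESCRYPT = re.compile(r"^[./0-9A-Za-z]{13}$")  # traditional crypt: no prefix, 13 chars

def unshadow(passwd_text, shadow_text):
    """Merge like unshadow: copy each account's shadow hash into passwd field 2."""
    hashes = dict(l.split(":")[:2] for l in shadow_text.splitlines() if ":" in l)
    merged = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) == 7:
            fields[1] = hashes.get(fields[0], fields[1])
            merged.append(":".join(fields))
    return merged

def classify(field):
    """Return (scheme, ok) for one password field."""
    if field == "":
        return ("empty", False)      # no password set at all
    if field[0] in "!*":
        return ("locked", True)      # password login disabled
    for prefix, result in SCHEMES.items():
        if field.startswith(prefix):
            return result
    # Anything unrecognised is reported so it gets a manual look.
    return ("descrypt", False) if DESCRYPT.match(field) else ("unknown", False)

def weak_accounts(merged_lines):
    """List (user, scheme) for every account whose password field needs attention."""
    pairs = [line.split(":")[:2] for line in merged_lines]
    return [(u, classify(f)[0]) for u, f in pairs if not classify(f)[1]]
```

Accounts it reports are the ones to move to a stronger scheme by resetting their passwords after the system's default hashing method has been updated.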

References

John the Ripper: http://www.openwall.com/john/