|
Message-ID: <CAP0RALA4z-JcfZYY47GW1Yeb5BchsPQGX-66cHd6j26J04FO5A@mail.gmail.com>
Date: Mon, 8 Dec 2014 17:08:50 +0100
From: Nicolas Collignon <nicolas.collignon@...acktiv.com>
To: john-users@...ts.openwall.com
Subject: Cisco ACS repository passwords decryption / samples request
Hello,
I had to audit several Cisco ACS configurations recently and wanted to
check for passwords quality.
Cisco ACS configurations contain several hashes types including at
least md5crypt and another hash format for "ACS repositories".
The repository hash format is just 3DES-CBC with hardcoded key/iv.
Since the padding handling of Cisco ACS passwords hash function looks
wrong^Wweird, i'm not sure if the provided code works for passwords
between 8-15 chars and above 16 chars.
If anyone is able to provide repository passwords hashes for the
following passwords, i could check/fix the code:
- @A1aaaaaaaaaaaa
- @A2aaaaaaaaaaaab
- @A3aaaaaaaaaaaabc
- @A4aaaaaaaaaaaaa@...aaaaaaaaaaaa
The hashes can be found in the configuration dump.
ex:
---
repository backup
url ftp://x.x.x.x/ACS/
user <login> password hash <40-hexdigits-string>
---
I'm sending the email to this list because the question has already
been asked in April 2013, subject "RE: Cisco ACS username: hash or
crypt or.... and de-encoding?"
So the conclusion is john is not needed for ACS repositories.
The attached script is able to decrypt all hashes from the 2013 emails:
---
$ python cisco_acs_repo_decrypt.py \
e9946ba7c6d935abb632cebc1f3caf125fb12f1d \
539857e4263c18843a60c877a8372cc4e33a2675 \
9d6afb513cd6b08be15f600545bba0496fd4efd5
e9946ba7c6d935abb632cebc1f3caf125fb12f1d => Abcd123
539857e4263c18843a60c877a8372cc4e33a2675 => aBcd123
9d6afb513cd6b08be15f600545bba0496fd4efd5 => a
---
Hope it can help...
-- Nicolas Collignon
View attachment "cisco_acs_repo_decrypt.py" of type "text/x-python" (1095 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.