{"id":1895,"date":"2009-06-01T21:52:53","date_gmt":"2009-06-01T19:52:53","guid":{"rendered":"http:\/\/security-planet.de\/?p=1895"},"modified":"2009-06-01T21:52:53","modified_gmt":"2009-06-01T19:52:53","slug":"entschlusselung-von-cisco-passwortern","status":"publish","type":"post","link":"https:\/\/cyber-fi.net\/index.php\/2009\/06\/01\/entschlusselung-von-cisco-passwortern\/","title":{"rendered":"Entschl\u00fcsselung von Cisco Passw\u00f6rtern"},"content":{"rendered":"<p>Vermutlich gibt es tausende von Programmen, um Cisco-Passw\u00f6rter vom Typ &#8220;7&#8221; in ihre Klartextform zur\u00fcckzurechnen. Vor kurzem habe ich aber kein passendes f\u00fcr den MAC gefunden. Daher habe ich mich entschieden, kurzerhand selbst eines in Python zu schreiben. Die Funktion der Passw\u00f6rter habe ich im Beitrag <a href=\"http:\/\/security-planet.de\/2006\/08\/17\/der-schutz-hinter-service-password-encryption\/\">Der Schutz hinter \u201cservice password-encryption\u201d im Cisco IOS<\/a> schon beschrieben.<\/p>\n<p>Das ist dabei herausgekommen:<\/p>\n<blockquote><p><a href='http:\/\/security-planet.de\/wp-content\/uploads\/2009\/06\/cipade.py'>Download des Scripts &#8220;cipade.py&#8221;<\/a><\/p><\/blockquote>\n<pre class=\"code\"><code>\n#! \/usr\/bin\/python\n## \n##  Karsten Iwen\n##  please send bug-reports, comments or improvements to:\n##  ki@security-planet.de\n##\n\nimport sys\n\nctable = (0x64, 0x73, 0x66, 0x64, 0x3b, 0x6b, 0x66, 0x6f, 0x41, 0x2c,\n0x2e, 0x69, 0x79, 0x65, 0x77, 0x72, 0x6b, 0x6c, 0x64, 0x4a,\n0x4b, 0x44, 0x48, 0x53, 0x55, 0x42, 0x73, 0x67, 0x76, 0x63,\n0x61, 0x36, 0x39, 0x38, 0x33, 0x34, 0x6e, 0x63, 0x78, 0x76,\n0x39, 0x38, 0x37, 0x33, 0x32, 0x35, 0x34, 0x6b, 0x3b, 0x66,\n0x67, 0x38, 0x37)\n\nif len(sys.argv) == 2:\n\tinput = sys.argv[1]\n\tlength = len(input)\n\tif length%2 != 0:\n\t\tprint (\"!!!\")\n\t\tprint (\"!!! The encrypted password has an odd number of digits. It should be even!\")\n\t\tprint (\"!!! So the decrypted password is not complete!\")\n\t\tprint (\"!!!\")\n\t\tlength = length -1\n\tif length &lt; 4:\n\t\tprint (&quot;!!!&quot;)\n\t\tprint (&quot;!!! The Input is too short&quot;)\n\t\tprint (&quot;!!!&quot;)\n\telse:\n\t\tpos = 2\n\t\ttpos = int(input[0:2])\n\t\tpw = &quot;&quot;\n\t\twhile pos &lt; length:\n\t\t\tpw = pw + chr( int(&quot;0x&quot;+input[pos:pos+2],16) ^ int(hex(ctable[tpos]),16))\n\t\t\tpos = pos + 2\n\t\t\ttpos = tpos +1\n\t\t\tif tpos == 53: tpos = 0\n\t\tprint (pw)\nelse:\n\tprint (&quot;&quot;)\n\tprint (&quot;cipade.py v1.0&quot;)\n\tprint (&quot;==============&quot;)\n\tprint (&quot;cipade (CIsco PAssword DEcoder) &#039;decrypts&#039; type 7 passwords used in Cisco IOS-configurations&quot;)\n\tprint (&quot;&quot;)\n\tprint (&quot;Usage&quot;)\n\tprint (&quot;=====&quot;)\n\tprint (&quot;cipade [the type 7 encrypted password]&quot;)\n\tprint (&quot;&quot;)\n\tprint (&quot;Written by:&quot;)\n\tprint (&quot;===========&quot;)\n\tprint (&quot;Karsten Iwen&quot;)\n\tprint (&quot;ki@security-planet.de&quot;)\n\tprint (&quot;http:\/\/security-planet.de&quot;)\n\tprint (&quot;&quot;)\n<\/code><\/pre>\n<p>Ich vermute, da\u00df man mindestens die XOR-Operation noch etwas eleganter programmieren k\u00f6nnte. Verbesserungsvorschl\u00e4ge werden gerne angenommen.<br \/>\nDas Script muss einfach als &#8220;cipade.py&#8221; im Suchpfad abgespeichert und als ausf\u00fchrbar markiert werden.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Vermutlich gibt es tausende von Programmen, um Cisco-Passw\u00f6rter vom Typ &#8220;7&#8221; in ihre Klartextform zur\u00fcckzurechnen. Vor kurzem habe ich aber kein passendes f\u00fcr den MAC gefunden. Daher habe ich mich entschieden, kurzerhand selbst eines in Python zu schreiben. Die Funktion der Passw\u00f6rter habe ich im Beitrag Der Schutz hinter \u201cservice password-encryption\u201d im Cisco IOS schon <\/p>\n<div class=\"read-more-text\"><a href=\"https:\/\/cyber-fi.net\/index.php\/2009\/06\/01\/entschlusselung-von-cisco-passwortern\/\" class=\"read-more\">continue reading<\/a><\/div>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"twitterCardType":"","cardImageID":0,"cardImage":"","cardTitle":"","cardDesc":"","cardImageAlt":"","cardPlayer":"","cardPlayerWidth":0,"cardPlayerHeight":0,"cardPlayerStream":"","cardPlayerCodec":"","footnotes":""},"categories":[5],"tags":[307,458,490,620],"class_list":["post-1895","post","type-post","status-publish","format-standard","hentry","category-cisco","tag-ios","tag-passworter","tag-python","tag-type-7"],"_links":{"self":[{"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/posts\/1895","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/comments?post=1895"}],"version-history":[{"count":0,"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/posts\/1895\/revisions"}],"wp:attachment":[{"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/media?parent=1895"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/categories?post=1895"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/tags?post=1895"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}