 |  |  |  |  |  |  |  |  |
 |  |  |  |  |  |  | ||
 |  |  |  |  |  | |||
 |  |  |  |  |  |  |
|
||||||||||||||||||||||||||||||
|
|
|
|
This page contains an applet with two Cisco utilities. To use the
applet, you must have a Java 2
Runtime Environment or the Java
Plugin. For those of you that don't want to load the Plug-in, I've
re-written the Password Cracker with a minimal GUI in plain
old vanilla Java which should run on any browser: Stripped Password Cracker .
For the developers out there, I also have an XML-RPC service available
at: http://www.kazmier.com/cgi-bin/CiscoCrackXmlRpc (you can use
system.listMethods to learn about the services).
UPDATE: if you are still using the password cracker on this page, you'll
be happy to know there is a much faster Flash interface available here.
The first utility is the Cisco Password Crack. It is able to decrypt Cisco's encrypted "type 7" passwords. "Type 7" password encryption is used when "service password-encryption" has been enabled. Unfortunately, the cryptographic algorithm is not very complex or secure. I wrote the applet based on an algorithm that was posted to Bugtraq. The second utility is the Cisco Access List Address Checker. Sounds impressive? It really isn't. All this utility does is check to see if an IP address (the "Check" field) matches an access list, both address (the "Address" field) and inverse mask (the "Mask" field), that you specify. Its a good sanity checker. I wrote this based on my comments in my document on Common Mistake with Access Lists . Feel free to contact me with any questions and/or comments at pete-web@kazmier.com. |