首先必须承认我的无聊,Google上输入cisco decrypt之后就会有一堆的在线密码解析器,但是我比较喜欢CLI…

把楼下一堆代码写到一个文本文件里,例如ciscocrack.c,再编译一下(没有编译器去装一下xcode啦…

gcc -o ciscocrack ciscocrack.c

然后就可以用CLI去解析cisco的密码string了 🙂

当然这不是我写的,来源在此:

http://astorinonetworks.com/2011/06/13/decrypting-cisco-type-7-passwords/

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
/* This program takes the hash of a Cisco "service password-encryption" type 7 password and decrypts it - Joe Astorino 3/9/2008 */
#include 
#include 
 
int extract_index(char *string) {
  /* Function to extract the index into the known key from the hash string */
 
  int tens = 0;
  int ones = 0;
  int index = 0;
 
  tens = (*string - 48) * 10;
  string++;
  ones = *string - 48;
  index = tens + ones;
  return index;
}
 
char *string2bytes(char *string, char *hexbytes) {
  /* Take the hash string after extracting the index and convert it to an array of hex bytes */
 
  char hex;
  char ones;
  char cur;
  int length;
  int i;
 
  length = strlen(string) - 1;
 
  for (i = 0; i < length/2; i++) {
    if (*string <= 57 && *string >= 48)
      hex = (*(string) - 48) * 16;
 
    else
      hex = (*(string) - 55) * 16;
 
    string++;
 
    if (*string <= 57 && *string >= 48)
      ones = *(string) - 48;
 
    else
      ones = *(string) - 55;
 
    cur = hex + ones;
    string++;
    hexbytes[i] = cur;
  }
  hexbytes[i] = 0;
  return hexbytes;
}
 
int main() {
 
/* Known Key */
  char ciscokey[] = {0x64, 0x73, 0x66, 0x64, 0x3b, 0x6b, 0x66, 0x6f, 0x41,
                     0x2c, 0x2e, 0x69, 0x79, 0x65, 0x77, 0x72, 0x6b, 0x6c,
                     0x64, 0x4a, 0x4b, 0x44, 0x48, 0x53, 0x55, 0x42};
  char hash[64];
  char hexhash[64];
  char password[64];
  char *hexhashptr;
  char *ptr;
  int index;
  int len;
  int i;
  int n;
 
  /* 0 out hexhash array */
  for (i = 0; i<64; i++){
    hexhash[i] = 0;
  }
 
  printf("Enter Hash: ");
  fgets(hash, 63, stdin);
 
  ptr = hash;
 
  /* Extract 1st 2 characters of hash string, and convert them to decimal integer to be used as index into the key */
 
  index = extract_index(ptr);
  ptr += 2;
  len = (strlen(hash) / 2) - 1;
  hexhashptr = string2bytes(ptr,hexhash);
  for(i = 0; i < len; i++) {
    password[i] = ciscokey[index] ^ hexhashptr[i];
    index++;
  }
  password[i] = 0;
  printf("password: %s\n",password);
  return 0;
}