On TechRepublic: 12 tech terms that make you sound old
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 15 of 68:
Next »
« Previous
have you hacked a cisco today?
"confidential trade secrets"

sounds like a backdoor wink

one tidbit of info... the cisco 6xx dsl modems, if you forget the password, you can go into the unit and access the rom to see the encrypted pw and reset it. maybe you can use it to hack someones dsl modem if you are sitting in front iof it :P

Step-by-Step Procedure
To recover your password, follow the steps below:

Set up console access.

If you do not have a management cable, you can make one. See Making a Management Cable for the Cisco 600 Series CPE.

Using the serial cable supplied with the modem, connect a COM port on your PC to the management port on the modem.

Configure your Terminal Access Program (such as HyperTerminal in Windows) with the following settings:

COM port = port into which you plugged the cable

Baud rate: 38400 bps ? recommended (standard 9600 bps possible)

Data bits: 8

Parity: None

Stop bits: 1

Flow control: None

Press Enter until you see the prompt;

for example, cbos>, modem1> or usa> When you see the prompt, the PC and Cisco CPE are communicating.

Enter RMON mode. Turn off the Cisco CPE, then on again by disconnecting and reconnecting the AC power plug on the back of Cisco CPE. Immediately after reconnecting the power plug, press and hold down the Ctrl-C keys on the keyboard until you see the following:

Hello!

Ron960 User Interface: Build 112 (May 9 2000 15:18:15)
NetSpeed HomeRunner(TM); i960 JX; JA step number 03
Copyright 1997 NetSpeed Corporation
Copyright 1998, 1999 Cisco Systems
=>

When you see the => prompt, you are in RMON mode and can release the Ctrl-C keys.

To view the configuration file, execute the db fef80030 <# of bytes> command.

This command prints the configuration to the screen. The last number indicates the number of bytes to display. Use a value of 100 bytes or more. For example:

=>db fef80030 100
fef80030 : 5b 5b 20 49 50 20 52 6f 75 74 69 6e 67 20 3d 20 [[ IP Routing =
fef80040 : 53 65 63 74 69 6f 6e 20 53 74 61 72 74 20 5d 5d Section Start ]]
fef80050 : 0d 0a 49 50 20 50 6f 72 74 20 41 64 64 72 65 73 ..IP Port Addres
fef80060 : 73 20 3d 20 30 30 2c 20 31 37 31 2e 36 38 2e 39 s = 00, 171.68.9
fef80070 : 2e 31 0d 0a 5b 5b 20 43 42 4f 53 20 3d 20 53 65 .1..[[ CBOS = Se
fef80080 : 63 74 69 6f 6e 20 53 74 61 72 74 20 5d 5d 0d 0a ction Start ]]..
fef80090 : 4e 53 4f 53 20 50 72 6f 6d 70 74 20 3d 20 75 73 NSOS Prompt = us
fef800a0 : 61 0d 0a 4e 53 4f 53 20 45 6e 61 62 6c 65 20 50 a..NSOS Enable P
fef800b0 : 61 73 73 77 6f 72 64 20 3d 20 61 6d 6a 5f 0d 0a assword = amj_..
fef800c0 : 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................

Note: You must assign an ENABLE password when you configure the Cisco CPE if you want the password to display as encrypted during the recovery procedure. Otherwise, the enable password field will be blank.

Note: If the EXEC password was set, then the root password field will hold the EXEC password.

Look for your encrypted

The text of the password will be altered by two letters. For example, using the key: _ = a, ' = b, a = c, b = d, c = e, and so on, the password "cola" would be "amj_."

For a complete listing of the ASCII characters, see the ASCII character set.

Example: ENABLE Password

=>db fef80030 100
fef80030 : 5b 5b 20 49 50 20 52 6f 75 74 69 6e 67 20 3d 20 [[ IP Routing =
fef80040 : 53 65 63 74 69 6f 6e 20 53 74 61 72 74 20 5d 5d Section Start ]]
fef80050 : 0d 0a 49 50 20 50 6f 72 74 20 41 64 64 72 65 73 ..IP Port Addres
fef80060 : 73 20 3d 20 30 30 2c 20 31 37 31 2e 36 38 2e 39 s = 00, 171.68.9
fef80070 : 2e 31 0d 0a 5b 5b 20 43 42 4f 53 20 3d 20 53 65 .1..[[ CBOS = Se
fef80080 : 63 74 69 6f 6e 20 53 74 61 72 74 20 5d 5d 0d 0a ction Start ]]..
fef80090 : 4e 53 4f 53 20 50 72 6f 6d 70 74 20 3d 20 75 73 NSOS Prompt = us
fef800a0 : 61 0d 0a 4e 53 4f 53 20 45 6e 61 62 6c 65 20 50 a..NSOS Enable P
fef800b0 : 61 73 73 77 6f 72 64 20 3d 20 61 6d 6a 5f 0d 0a assword = amj_..
fef800c0 : 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
fef800d0 : ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
fef800e0 : ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
fef800f0 : ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
fef80100 : ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
fef80110 : ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
fef80120 : ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................

Example: EXEC (Root) Password

Note: The ENABLE password is not set.

=> db fef80030 100
fef80030 : 5b 5b 20 49 50 20 52 6f 75 74 69 6e 67 20 3d 20 [[ IP Routing =
fef80040 : 53 65 63 74 69 6f 6e 20 53 74 61 72 74 20 5d 5d Section Start ]]
fef80050 : 0d 0a 49 50 20 50 6f 72 74 20 41 64 64 72 65 73 ..IP Port Addres
fef80060 : 73 20 3d 20 30 30 2c 20 31 37 31 2e 36 38 2e 39 s = 00, 171.68.9
fef80070 : 2e 31 0d 0a 5b 5b 20 43 42 4f 53 20 3d 20 53 65 .1..[[ CBOS = Se
fef80080 : 63 74 69 6f 6e 20 53 74 61 72 74 20 5d 5d 0d 0a ction Start ]]..
fef80090 : 4e 53 4f 53 20 50 72 6f 6d 70 74 20 3d 20 75 73 NSOS Prompt = us
fef800a0 : 61 0d 0a 4e 53 4f 53 20 45 6e 61 62 6c 65 20 50 a..NSOS Enable P
fef800b0 : 61 73 73 77 6f 72 64 20 3d 20 0d 0a 4e 53 4f 53 assword = ..NSOS
fef800c0 : 20 52 6f 6f 74 20 50 61 73 73 77 6f 72 64 20 3d Root Password =
fef800d0 : 20 61 6d 6a 5f 0d 0a 00 ff ff ff ff ff ff ff ff amj_...........
fef800e0 : ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
fef800f0 : ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
fef80100 : ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
fef80110 : ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
fef80120 : ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
=>

Example: ENABLE and EXEC Passwords

=> db fef80030 100
fef80030 : 5b 5b 20 49 50 20 52 6f 75 74 69 6e 67 20 3d 20 [[ IP Routing =
fef80040 : 53 65 63 74 69 6f 6e 20 53 74 61 72 74 20 5d 5d Section Start ]]
fef80050 : 0d 0a 49 50 20 50 6f 72 74 20 41 64 64 72 65 73 ..IP Port Addres
fef80060 : 73 20 3d 20 30 30 2c 20 31 37 31 2e 36 38 2e 39 s = 00, 171.68.9
fef80070 : 2e 31 0d 0a 5b 5b 20 43 42 4f 53 20 3d 20 53 65 .1..[[ CBOS = Se
fef80080 : 63 74 69 6f 6e 20 53 74 61 72 74 20 5d 5d 0d 0a ction Start ]]..
fef80090 : 4e 53 4f 53 20 50 72 6f 6d 70 74 20 3d 20 75 73 NSOS Prompt = us
fef800a0 : 61 0d 0a 4e 53 4f 53 20 52 6f 6f 74 20 50 61 73 a..NSOS Root Pas
fef800b0 : 73 77 6f 72 64 20 3d 20 61 6d 6a 5f 0d 0a 4e 53 sword = amj_..NS
fef800c0 : 4f 53 20 45 6e 61 62 6c 65 20 50 61 73 73 77 6f OS Enable Passwo
fef800d0 : 72 64 20 3d 20 61 6d 6a 5f 0d 0a 00 ff ff ff ff rd = amj_.......
fef800e0 : ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
fef800f0 : ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
fef80100 : ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
fef80110 : ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
fef80120 : ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................

The passwords are now recovered.

Reboot the Cisco CPE by turning it off then on again, or by typing rb at the =>rb prompt, and type the password you recovered.

=>rb

Hello!
Expanding CBOS image...
CBOS v2.3.5.012 - Release Software

User Access Verification
Password:

usa>

Password recovery is now complete.



http://www.cisco.com/warp/public/474/pswdrec_6xx.html
Posted by: linuxoverwindows   Posted on: 07/28/05 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

"not yet fully baked"  Roving_Reporter | 07/28/05
"Baked"  htotten | 07/28/05
Please...  ArtMac | 07/28/05
Please...give me a break  TN-Limey | 07/28/05
Lynn a criminal???  tonkica | 07/28/05
Yup  TN-Limey | 07/28/05
Just food for thought for a second  Xbeing | 07/28/05
Ummm...  ArtMac | 07/28/05
half-baked  linuxoverwindows | 07/28/05
java_p-your're stupid  phi_alpha_nu@... | 07/28/05
The issue  brichter | 07/28/05
Whistle Blower  wolf_z | 07/28/05
What if Microsoft did this?  jbburks | 07/28/05
No yawning here  John L. Ries | 07/28/05
have you hacked a cisco today?  linuxoverwindows | 07/28/05
IP violation  Carrion | 07/28/05
Are you quite certain?  dalecosp | 07/28/05
I'm sure a real hacker...  el1jones | 07/28/05
Flaws  Carrion | 07/28/05
Read the facts.  jnoble@... | 07/28/05
YOU read the facts  brichter | 07/28/05
Analogy issue here  Xbeing | 07/28/05
what is a r00ted box?  linuxoverwindows | 07/28/05
15 minutes.  jpfitz@... | 07/28/05
re:15 minutes  deepee912 | 07/28/05
If he is a hero  Xbeing | 07/28/05
If it's no big deal...  el1jones | 07/28/05
Get a clue  jnoble@... | 07/28/05
Whistle-blower, my a$$  brichter | 07/28/05
Why a 1 vendor solution is stupid  ITGuy04 | 07/28/05
Cisco certification  itpro_z | 07/28/05
Cisco certification  Loverock Davidson | 07/28/05
i need an employer that will pay for those happy  linuxoverwindows | 07/28/05
hear! hear!  linuxoverwindows | 07/28/05
Well...  ArtMac | 07/28/05
Well ...  dalecosp | 07/28/05
Yep, right here...  Grimm Reaper | 07/28/05
lol  linuxoverwindows | 07/28/05
MS Bashers  Too Old For IT | 07/28/05
Maybe they are too smart  ebrke | 07/28/05
IOS  jnoble@... | 07/28/05
Cisco hits back  Mugsy_z | 07/28/05
Let's keep such things underground, shall we?  Sxooter_z | 07/28/05
wink  dalecosp | 07/28/05
sure, cause then...  linuxoverwindows | 07/28/05
This is why all software should be Open Source  kokuryu | 07/28/05
Open Source Presumption  Too Old For IT | 07/28/05
Right ...  gary.douglas@... | 07/28/05
Easy picking.  papatator | 07/28/05
Bad News Supression  John L. Ries | 07/28/05
Hmm, that's an interesting thought....  dalecosp | 07/28/05
Security by Obscurity  Dr_Zinj | 07/28/05
Did I miss something?  Xbeing | 07/28/05
Thanks  TN-Limey | 07/29/05
when you use the law to cover your sorry butt  toxicfreak | 07/28/05
what??  sirsully | 07/28/05
Re: when you use the law to cover your sorry butt  webster_z | 08/01/05
Cisco and the jerk  TN-Limey | 07/28/05
He didn't reveal anything new  george_ou | 07/28/05
Why  TN-Limey | 07/28/05
Right on, Limey - Re: Cisco and the jerk  webster_z | 08/01/05
If one can figure it out anybody can  xkmail | 07/28/05
Black Hat to be commended for efforts to expose cisco and all other flaws  samm_z | 07/28/05
Are they 'bugs' or 'humans'?  mtn.brk@... | 07/28/05
non-disclosure  sandbagger | 07/28/05
Learn that which you speak about  jnoble@... | 07/28/05
cisco, injunction  jef124c41 | 07/29/05
Both Cisco and BHS are right from there point of view  alfresco_0101@... | 08/04/05

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement
Click Here

Enterprise Applications

  • Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!
  • New Online Dashboard
  • Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline