6200networks.com

by Joe Harris, CCIE# 6200

Today is Wednesday, October 08th, 2008

About the Author

Joe Harris, CCIE No. 6200 (R&S, Security & SP) is a Systems Engineer with Cisco Systems® specializing in Security. In addition to authoring Cisco Network Security Little Black Book, Joe has also been a technical reviewer for several Cisco Press publications and written articles, white papers, and presentations on various security technologies. He also assists various Certification Partners by beta testing their newest CCIE certification workbooks and has been recognized by Cisco as an SE Wall of Fame award winner.

See All Posts by This Author

Cain & Able

November 14th, 2007 • Related • Filed Under

While I’m on the subject of tools, another good tool to look at is Cain & Able (http://www.oxid.it/projects.html) which is a somewhat grey/blackhat type tool. It has a specific section for brute-forcing Cisco PIX-MD5 and IOS-MD5 password as well as a section where you can type in a password and it will give you all sorts of hashes including IOS and PIX MD5 hashes. For example:

Text to hash: cisco

Type         Hash
_____________________________________________
MD2         DA88B7ADD467002A613243E93C2711DB
MD4         4FDF9C5ECB066688F851625CB971059E
MD5         DFEAF10390E560AEA745CCBA53E044ED
SHA-1       7AF78C911D5B48BEA1DC2449D9D89513ABEB4BE5
SHA-2(256) CDB6AC7DBE4C0A5E25776E1148784B86CF98F7D6…
SHA-2(384) ACE75C2597A98B4CD30615974D948D04C4510804…
SHA-2 (512) CBEE069F8B3868FB2D2EAE16C2F12A3412240FE5…
RIPEMD-160 9EA4A391B9417E52F08A8F2926E3A378A8F9FD2E
LM          A00B9194BEDB81FE
NT          5C800F13A3CE86ED2540DD4E7331E9A2
MySQL323    13304F67671F2F3C
MySQLSHA1   310AF8D67AE450FB86125F07FF75D1583528B45F
Cisco PIX   2KFQnbNIdI.2KYOU

It can also do cute thinks like ARP Poisioning, SSH and HTTPS Man-in-the-middle, and sniffing/recording VoIP traffic. Overall, a neat utility for demonstrating why you need Cisco Integrated Security Features!