home *** CD-ROM | disk | FTP | other *** search
- File Information
-
- Verifying link...
-
- Register Your DAP
-
- Subject:
- Re: [seg-l] Passwords en Cisco (fwd)
- Date:
- Mon, 3 Nov 1997 11:28:30 -0500
- From:
- "We got Food - Fuel - Ice-cold Beer - and X.509 certificates" <mudge@L0PHT.COM>
- To:
- BUGTRAQ@NETSPACE.ORG
-
-
-
- The Shell script that was posted was originally written by Hobbit
- (hobbit@avian.org) and is available from ftp://avian.org.
-
- The C code I believe originally came from SPHiXe and has been floating
- around for some time.
-
- Yes, they both should work on 11.x.
-
- For those who want to save the time here's what cisco is doing (just so
- you can do a lot of it in your head):
-
- Assume the following :
-
- Password 7 08204E
-
- The encrypted string is 08204E. It must be an even length of digits and
- the first two digits are used as a base 10 index into the XOR string. The
- length of the plaintext password is strlen(enc_pw) -2 / 2. In this case 2
- chars.
-
- 08 is the index into the xor string.
-
- 2 is multiplied by 16 (or left shifted 4 times) then the next digit (0) is
- added to it. [ == 32]
-
- 32 XOR xorstring[08] = 'a'
-
- Move to the next two digits and repeat -
- 4 * 16 = 64
- 64 + 14 (E) = 78
- increment the index into the xor string
- 78 XOR xorstring[08] = 'b'
-
- In a couple of days you should be able to download a PalmPilot version of
- this and a FORTH interpretation with instructions to put it into your
- OpenBoot prom on SPARCs from the l0pht (www.l0pht.com).
-
- Just figured I'd point out where those two pieces of code came from since
- attribution was lacking in the previous posts.
-
- .mudge
-
-
-
