HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 75 guests and 1 member online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Hardwarearrow Cisco Level 7 passwords
EH-Net
May 22, 2013, 08:38:25 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Cisco Level 7 passwords  (Read 11216 times)
0 Members and 1 Guest are viewing this topic.
Birdcr
Guest
« on: March 08, 2009, 02:47:42 PM »
Hi there i have seen several tutorial which explain that using a web brower you can enter a routers IP addy and get the prompt for credentials, by clicking cancel you can get the hash of the cisco password and if the password is level 7 it can easillly be cracked on multiple sites.

to try this i set up home pc a 2950 switch and a few routers, once get connectivity and able to ping/telnet etc i opened a browser (Both IE and firefox) and entered the ip i had assigned to the router (10.0.0.1) but just got this page cannot be displayed error message.

Am i doing something wrong or missing a step as i just cannot get this working. thanks
Logged
jimbob
Guest
« Reply #1 on: March 08, 2009, 03:13:10 PM »
Perhaps the router is not running a web server or is using HTTPS. Not all routers will have a web server enabled, so check the router configuration.

Jimbob
Logged
timmedin
Sr. Member
****
Offline Offline

Posts: 469



View Profile WWW
« Reply #2 on: March 08, 2009, 06:09:28 PM »
ip server http
I think
Logged
twitter.com/timmedin | http://blog.securitywhole.com
Birdcr
Guest
« Reply #3 on: March 09, 2009, 04:38:42 AM »
Quote from: jimbob on March 08, 2009, 03:13:10 PM
Perhaps the router is not running a web server or is using HTTPS. Not all routers will have a web server enabled, so check the router configuration.

Jimbob

right i havent set anything up as it is on my local lan, would i need to cofigure router for this to be able to do this? is this an easy process and is there any documentation avaliable for this?
Logged
sh4d0wman
Newbie
*
Offline Offline

Posts: 8


View Profile
« Reply #4 on: March 09, 2009, 07:18:12 AM »
Dunno what router model you have. Many info can be found searching the Cisco site.
http://www.cisco.com/en/US/products/sw/secursw/ps5318/prod_installation_guide09186a00803e4727.html

This might help:

Step 1 Enable the HTTP and HTTPS servers on your router by entering the following commands in global configuration mode:

Router# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)# ip http server

Router(config)# ip http secure-server

Router(config)# ip http authentication local

Router(config)# ip http timeout-policy idle 600 life 86400 requests 10000

If the router supports HTTPS, the HTTPS server will be enabled. If not, the HTTP server will be enabled. HTTPS is supported in all images that support the Crypto/IPSec feature set, starting from Cisco IOS release 12.25(T).

Let me know if it works. Otherwise try to find some Cisco books.
Logged
Comptia Security+ Certified
WIP: CCNA / CHFI
Birdcr
Guest
« Reply #5 on: March 09, 2009, 08:34:37 AM »
Quote from: sh4d0wman on March 09, 2009, 07:18:12 AM
Dunno what router model you have. Many info can be found searching the Cisco site.
http://www.cisco.com/en/US/products/sw/secursw/ps5318/prod_installation_guide09186a00803e4727.html

I have three routers, nothing that good, 1600 series, 1720 and 2500. not too sure of the IOS they are running
Logged
sh4d0wman
Newbie
*
Offline Offline

Posts: 8


View Profile
« Reply #6 on: March 09, 2009, 09:31:28 AM »
Is this link any help to you?
http://articles.techrepublic.com.com/5100-10878_11-5577508.html

Keep in mind: The HTTP server was introduced in IOS release 11.0 to extend router management to the worldwide Web.

The HTTP server is not enabled by default except on unconfigured Cisco model 1003, 1004, and 1005 routers.

So I would advise to check out what IOS version you run Wink
Logged
Comptia Security+ Certified
WIP: CCNA / CHFI
Birdcr
Guest
« Reply #7 on: March 09, 2009, 01:58:58 PM »
Ok i have finaly found the original link to the Vulnerability i was trying to perform, this is called the:
HTTP Configuration Arbitrary Administrative Access Vulnerability:
(tutorial shown on this link below)
http://www.securityfocus.com/infocus/1734

So im going to try to set this up on my LAN tonight using the instruction provided by sh4d0wman (thanks!) to enable HTTP and HTTPS servers on my router, if they are up to the job!
Logged
sh4d0wman
Newbie
*
Offline Offline

Posts: 8


View Profile
« Reply #8 on: March 17, 2009, 10:33:19 AM »
Just curious if you got all working Smiley Pls update your post if you have time.
Logged
Comptia Security+ Certified
WIP: CCNA / CHFI
Higgins
Newbie
*
Offline Offline

Posts: 3


View Profile
« Reply #9 on: March 17, 2009, 12:12:45 PM »
As sh4d0wman said, you'll have to check your IOS Version on your test routers.

The vulnerability only affects certain IOS versions according to their site: http://www.securityfocus.com/bid/2936

The vulnerability is also a bit old too.  Was discovered in 2001.
Logged
Birdcr
Guest
« Reply #10 on: March 17, 2009, 06:25:52 PM »
unfortuanatly i havent been able ot try this yet as i have been working away, really looking forward to trying tho, will keep you posted, home in a few days  Cheesy
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.069 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Free Business and Tech Magazines and eBooks

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.