Cisco IOS Password Recovery

From OISecWiki

This post is a legacy post from my old weblog, it has been included as it seems to still have some hits.

This weblog was intended primarily to have an easy way to type my documents and to make them searchable commentable etc..

After looking at my webservers webstatistics, I saw some search requests for Cisco password recovery techniques. Well then let's explain it here for everyone to read:

  • Attach a console cable to the Cisco
  • Reboot the Cisco
  • When the Cisco shows the first sign of life start sending it breaks (that's ctrl-F in minicom)
confreg 0x2142
reset
  • ... Cisco boots .... zZzZzZ ....
  • Enter no at the first question
  • voila a configless Cisco
  • now get into enable mode (but do NOT type conf term)
copy startup running
  • voila a running cisco with full config in ENABLE mode
  • do your password changing stuff
write mem
configure terminal
config-register 0x2102
reload

That was quite easy huh :)

This guide will grant you ACCESS to an enable prompt on a running router. It will NOT recover the actual password!