Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3408
Views
9
Helpful
6
Replies

"no password recovery" - command - if configured - is there anyway to break in

astanislaus
Level 2
Level 2

‎01-31-2011 04:37 AM - edited ‎03-04-2019 11:15 AM

We have a Cisco 2811 router on which the customer has forgotten his password. He has a saved config on the tftp server and when we look at that file he has the following command configured:

no password recovery

service password-encryption

So when we try to hit the BREAK key when the router is tuned OFF and ON and booting, the BREAK key is not recognised - probably because of the command "no password recovery"

We took the Compact Flash out and turned the 2811 router OFF and then ON.

It still wouldn't go to ROMMON mode.

It would try to boot and say flash not present, fail and then would try another boot and say flash is not present and would stay in this loop.

Is there anyway of breaking into this 2811 router or is it return to factory status?

Alphonse

Labels:
0 Helpful
6 Replies 6

astanislaus
Level 2
Level 2

‎01-31-2011 04:43 AM

I meant to say the commands are:

no service password-recovery

service password-encryption

as the two commands configured on this 2811 that the customer wants to break into.

0 Helpful

astanislaus
Level 2
Level 2
In response to astanislaus

‎01-31-2011 04:50 AM

I think the answer to my question is at the following link:

http://www.cisco.com/en/US/partner/docs/ios/12_3/12_3y/12_3ya8/gtnsvpwd.html

which means I will have to allow the erasure of the startup-config

0 Helpful

Akula Jyoti Lakshmi
Level 1
Level 1
In response to astanislaus

‎01-31-2011 08:01 AM

Yes , you are correct. If it does not allow to enter into rommon mode,, go ahead and erase the startup-config.

To reset to factory default (removing the startup configuration file), perform these steps:

1. r1#erase nvram:startup-config

2.r1#reload

Regards,

Jyoti

0 Helpful

paolo bevilacqua
Hall of Fame
Hall of Fame

‎01-31-2011 04:52 AM

No, there is no way.

hobbe
Level 7
Level 7

‎01-31-2011 07:31 AM

I am sorry but i am not shure I follow you here !

You have the configuration since the customer have saved it at a ftp server.

so what is the problem ?

Well anyway.

Do you have any other means of communication with the router such as snmp ? telnet ? ssh ?

What version of software is it using ?

if you are lucky that version has a bug in it that makes it vulnerable for something that lets you control the router.

Does it boot of a FTP server ? most likely not but if so then the case is quite clear, just change the passwords in the file it loads.

Tried cracking the password ?

there are many things you can do to try to get access to that router, however it all breaks down to some luck and a lot of hard work for it to actually work.

so if you have the config why not just reset it and load the config.

that is the easiest way of doing things.

good luck

HTH

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card