06-10-2008 12:34 AM - edited 03-05-2019 11:31 PM
Pls, help asap. I have got problems with logging into a switch. I have just copied and pasted the Telnet pw as given. It reported "bad password" each time. I don't know what that "7" here means. I want to believe it is the user number.
hostname CSIGBN08
enable password 7 12CV52566SA5844WDD
line con 0
line vty 0 4
password 7 556A66ADA46SAS46ASS6646646
login
line vty 5 15
password 7 12AS5455S5656ADAS466A4F56G
login
06-10-2008 12:49 AM
The number "7" there is the access privilege there. I hope that you are not copying it along with "7".
Second thing is that, have you given that string as password? I think that there was some other password and "service password-encryption" was enabled. What you are seeing there is not the actual password but a hash value (encrypted password).
You can't copy paste that for the password.
Regards,
Niranjan
( Please rate the post if it solves your issue.)
06-10-2008 01:02 AM
Thanks for your reaction. I received "Bad password". I had copied and pasted the password without the 7, when it failed. I tried again with the 7. I realised the pw is hashed / encrypted. But, the "sh run" output is what the former administrator sent to me, as the pw. What do you suggest?
06-10-2008 01:03 AM
Just a small correction to Niranjan's post
The number 7 actually means that the password has been encrypted with the weak algorithm and can be reversed using online password breaking tools.
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00801d7efa.shtml
You can use some online password breaking tools to get the password, e.g.
http://www.ifm.net.nz/cookbooks/passwordcracker.html
Narayan
06-10-2008 04:06 AM
Hi!
Thanks for pointing out the mistake! :)
06-10-2008 01:08 AM
Hi,
Niranjan is not right with the number 7.
It's not the privilege.
All passwords and other authentication strings in Cisco IOS configuration files are encrypted using the weak, reversible scheme used for user passwords.
To determine which scheme has been used to encrypt a specific password, check the digit preceding the encrypted string in the configuration file. If that digit is a 7, the password has been encrypted using the weak algorithm. If the digit is a 5, the password has been hashed using the stronger MD5 algorithm.
For example, in the configuration command:
enable secret 5 $1$iUjJ$cDZ03KKGh7mHfX2RSbDqP.
The enable secret has been hashed with MD5, whereas in the command:
username jdoe password 7 07362E590E1B1C041B1E124C0A2F2E206832752E1A01134D
The password has been encrypted using the weak reversible algorithm.
Below is the link which can provide you with more information.
http://www.cisco.com/warp/public/701/64.html
When you provide the command "service password-encryption" you will see the output as you have pasted above.
The password followed with 5 cannot be decrypted since it's the MD5 algorithm. 7 can be.
Privilege config would be seen like below in running config.
username cisco privilege 7 password 0 cisco
And yes, the password with 7 can be broken using a tool. Boson has one.
Hope this helps.
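Added example, not part of the original posts: a small Python audit that reads a saved IOS configuration, picks out the type digit described above (the one after `password` or `secret`, not the one after `privilege`), and reports which credentials are cleartext (0) or weakly encrypted (7). The sample config is constructed from lines quoted in this thread, and the names `audit`, `CRED`, `TYPE7_SHAPE` and the finding fields are assumptions of this example.

```python
import re

# Constructed sample built from config lines quoted in this thread (not a real device).
SAMPLE = """\
hostname CSIGBN08
enable password 7 12CV52566SA5844WDD
enable secret 5 $1$iUjJ$cDZ03KKGh7mHfX2RSbDqP.
username jdoe password 7 07362E590E1B1C041B1E124C0A2F2E206832752E1A01134D
username cisco privilege 7 password 0 cisco
line vty 0 4
 password 7 556A66ADA46SAS46ASS6646646
 login
"""

# The type digit follows the keyword "password" or "secret"; a digit after
# "privilege" is a privilege level and is deliberately not matched.
CRED = re.compile(r"\b(password|secret)\s+(\d)\s+(\S+)")
# A type 7 string is two decimal digits followed by pairs of hex digits.
TYPE7_SHAPE = re.compile(r"^\d{2}(?:[0-9A-Fa-f]{2})+$")
RATING = {"0": "cleartext", "5": "MD5 hash", "7": "weak reversible encryption"}


def audit(config):
    """Return one finding per credential line (hypothetical helper for this example)."""
    findings, context = [], ""
    for number, raw in enumerate(config.splitlines(), 1):
        if raw and not raw[0].isspace():
            context = raw.strip()          # top-level command, e.g. "line vty 0 4"
        match = CRED.search(raw)
        if not match:
            continue
        ctype, value = match.group(2), match.group(3)
        findings.append({
            "line": number,
            "context": context,
            "type": ctype,
            "rating": RATING.get(ctype, "unknown type"),
            "weak": ctype in ("0", "7"),
            # Only meaningful for type 7; None for every other type.
            "well_formed": bool(TYPE7_SHAPE.match(value)) if ctype == "7" else None,
        })
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE):
        flag = "WEAK" if f["weak"] else "ok"
        print(f'{f["line"]:>3} {flag:<4} type {f["type"]} ({f["rating"]}) under "{f["context"]}"')
```

Findings with `weak` set mark stored strings that should not be treated as secret when a configuration is shared.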
06-10-2008 01:27 AM
Hi, Niranjan. I very much appreciate your assistance here. Just to bother further, do you think when I send syntax "sh tech-support" in EXEC user mode of that Switch, I shall get the output to have the password so needed? I have only access to the user mode, for now, thru console connection. Just send me what syntax I need to send pls. Thanks once more.
06-10-2008 02:37 AM
1st the show tech-support would not work in EXEC user mode.
In fact if you give show tech-support you will not get the password.
Below is how the output would look for show running config in tech-support.
enable secret 5
!
username cisco password 7
line con 0
exec-timeout 0 0
line vty 0 4
password 7
length 0
line vty 5 15
password 7
Hope this helps.
Regards,
Pravin
06-10-2008 03:34 AM
Hi,
Have you unencrypted the password and tried it as the other guys suggested?
Do you have physical access to the switch?
If so, you could do a password recovery.
All the procedures are listed on the Cisco site.
Just to note - it will be service impacting however.
Cheers,
Tim
06-10-2008 03:45 AM
Yes, as Tim said, that's the only way you can retrieve the password that I can see now.
http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00801746e6.shtml
Regards,
Pravin..