BrettVerney / ciscoPWDhasher

A Python Cisco IOS, IOS-XE and NX-OS password hashing tool
MIT License

username ... secret 9 ... is not correct for C9300-48P IOS-XE 17.03.04 #4

Open jifox opened 2 years ago

jifox commented 2 years ago

When using this Python script, the switch will not accept the calculated hash.

# Program output
[3]  Type 8 (PBKDF2-HMAC-SHA256)
[4]  Type 9 (Scrypt)
[5]  Exit

Your selection: 4

Enter a Plain Text Password to convert: TestText

Your Cisco Type 9 password hash is: $9$icj5vfNlTumwNB$64epo7fnBl03uRLMQT0Q5VWaOvHPipqZLFFsCbYdl4Y

# Switch output
TEST(config)# username test privilege 15 secret 9 $9$icj5vfNlTumwNB$64epo7fnBl03uRLMQT0Q5VWaOvHPipqZLFFsCbYdl4Y
ERROR: The secret you entered is not a valid encrypted secret.
To enter an UNENCRYPTED secret, do not specify type 9 encryption.
When you properly enter an UNENCRYPTED secret, it will be encrypted

jifox commented 2 years ago

I've tried to use the salt that the switch has stored as a constant and calculated the hash. The hash value calculated is the same as the hash in Cisco running config.

                    for _ in range(14):
                        salt_chars.append(random.choice(cisco_b64chars))
                    salt = "".join(salt_chars)
                    salt = "pPsCfoFx0krK.E"  # <------------

####################################################

[4]  Type 9 (Scrypt)
[5]  Exit

Your selection: 4

Enter a Plain Text Password to convert: TestText

Your Cisco Type 9 password hash is: $9$pPsCfoFx0krK.E$yMeHAVYfOMb4yLYg9CkQyKaXkDH01slV9KdvNx7Afg

####################################################

# Switch output from running config
TEST(config)# TEST(config)#do show run | i ....
username .... privilege 15 secret 9 $9$pPsCfoFx0krK.E$yMeHAVYfOMb4yLYg9CkQyKaXkDH01slV9KdvNx7Afg2

It seems that the salt is not a random value for IOS-XE 17.03.04.
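
Added example, not part of the original issue or of the ciscoPWDhasher code: a structural check for Type 9 strings plus a recomputation for a known salt, for comparing tool output against a running-config entry before pasting it into a device. The alphabet ordering, the 14/43 character lengths (taken from the strings quoted in this issue) and the scrypt parameters N=16384, r=1, p=1 are assumptions, and `check_type9` and `type9` are hypothetical names.

```python
import base64
import hashlib

STD_B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
# Assumed ordering for Cisco secrets (crypt-style), mapped position by position
CISCO_B64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
TO_STD = str.maketrans(CISCO_B64, STD_B64)
TO_CISCO = str.maketrans(STD_B64, CISCO_B64)
SALT_LEN, DIGEST_LEN = 14, 43  # lengths seen in the issue; 43 chars = 32 bytes unpadded


def check_type9(secret):
    """Return a list of structural problems; an empty list means well-formed."""
    parts = secret.strip().split("$")
    if len(parts) != 4 or parts[:2] != ["", "9"]:
        return ["expected $9$<salt>$<digest>"]
    salt, digest = parts[2], parts[3]
    problems = []
    if len(salt) != SALT_LEN:
        problems.append(f"salt is {len(salt)} chars, expected {SALT_LEN}")
    if len(digest) != DIGEST_LEN:
        problems.append(f"digest is {len(digest)} chars, expected {DIGEST_LEN}")
    bad = sorted(set(salt + digest) - set(CISCO_B64))
    if bad:
        problems.append(f"characters outside the alphabet: {bad}")
    if not problems:
        # 43 chars carry 258 bits; the 2 spare bits must be zero in a clean encoding
        raw = base64.b64decode(digest.translate(TO_STD) + "=")
        if base64.b64encode(raw).decode().rstrip("=").translate(TO_CISCO) != digest:
            problems.append("digest has non-zero spare bits (damaged last character?)")
    return problems


def type9(password, salt):
    """Recompute a Type 9 secret for a known salt so it can be diffed against a config."""
    # Assumed parameters, not stated on the page: scrypt N=16384, r=1, p=1, 32-byte output
    raw = hashlib.scrypt(password.encode(), salt=salt.encode(), n=16384, r=1, p=1, dklen=32)
    digest = base64.b64encode(raw).decode().rstrip("=").translate(TO_CISCO)
    return f"$9${salt}${digest}"


if __name__ == "__main__":
    # The three strings quoted in the issue, in order of appearance
    for s in (
        "$9$icj5vfNlTumwNB$64epo7fnBl03uRLMQT0Q5VWaOvHPipqZLFFsCbYdl4Y",
        "$9$pPsCfoFx0krK.E$yMeHAVYfOMb4yLYg9CkQyKaXkDH01slV9KdvNx7Afg",
        "$9$pPsCfoFx0krK.E$yMeHAVYfOMb4yLYg9CkQyKaXkDH01slV9KdvNx7Afg2",
    ):
        print(s, check_type9(s) or "well-formed")
```

Run on the strings quoted above, the check passes the first tool output and the running-config entry, and reports the second tool output as having a 42-character digest, one character shorter than the running-config entry.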