Tuesday, September 10, 2013

Cisco Router: How To Do A Password Recovery (i.e. Break Into A Router)

What is the real difference?  If you are a good guy, you call it password recovery.  If you are a bad guy, you call it "breaking into the router".  Either way, the process is the same.  You just need physical access to the router.  In this case, I have a Cisco 837 I need to get into.  They don't know the password, and I need to make routing changes.  No password?  No problem.  Give me 10 minutes and I'll get it squared away.
Reboot the router.
I use Tera Term, so I do an "Alt/B" to stop the boot (on the console).
At the rommon prompt, I type in: confreg 0x2142
Then I type: reset
The router reboots like it's never been configured.  I say "No" to the lazy man's way to config (the prompts).
I type in "copy start run" to get the config back in place, after I have typed in enable to get to the main prompt.
Then I type in a new userID and password, along with a new enable secret password.
I also type in: config-reg 0x2102 to get the router to boot back normally again by using the startup-config file.
Lastly, I do the wr mem and I'm good to go.

Done.  It shouldn't be this easy to break into a router, but it is.
