FRIDAY, 07 AUGUST 2015
CISCO ROUTER PASSWORD RECOVERY
WRITTEN BY ADMINISTRATOR. POSTED IN CISCO ROUTERS - CONFIGURING CISCO ROUTERS
Password recovery is a procedure administrators and engineers use fairly frequently. Even though we usually keep our passwords in
a Word, Excel or text file, it's very easy to forget to update them when changes occur. The end result is that you find yourself locked out of
the device, wondering what on earth the password could be.
Accessing a Cisco router requires certain privileges. Depending on the router's configuration, you might be required to first log into the
router and then enter the 'enable' password to elevate your access to privileged mode, from where you can issue configuration
commands.
This article will show you how you can gain full administrator access to a Cisco router, bypassing all security passwords. The password
recovery process, however, can be rendered useless if the administrator has previously configured the router not to allow this process to
take place. In this case, the router will warn the user and, if he proceeds, all configuration will be erased, so there will be nothing to recover!
EXAMPLE SCENARIO
Suppose we have a Cisco router (a 2610 in our example; the procedure is the same for all routers) and we are unable to access it due to a
lost password. Console and VTY (telnet) sessions ask for a password which we do not have:
R1 con0 is now available
Press RETURN to get started.
User Access Verification
Password: *****
Password: ********
Password: ***
% Bad passwords
Even if we were able to log into the router successfully but couldn't provide the correct 'enable' password, we would still
need to perform a password recovery procedure.
To initiate the password recovery procedure, connect the rollover cable to the console port, then power the router off and back on. As soon
as you receive a prompt showing the boot process, hit Ctrl-Break:
System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
Copyright (c) 1999 by cisco Systems, Inc.
TAC:Home:SW:IOS:Specials for info
PC = 0xfff0a530, Vector = 0x500, SP = 0x680127c8
C2600 platform with 65536 Kbytes of main memory
program load complete, entry point: 0x80008000, size: 0xf54134
PC = 0xfff0a530, Vector = 0x500, SP = 0x83fffe68
<ctrl + Break>
monitor: command "boot" aborted due to user interrupt
rommon 1 >
You'll immediately see the 'rommon' prompt, indicating we are in 'rom monitor' mode. This is a mini-IOS that allows you to perform very
specific tasks in order to recover your router.
Now, to skip our password-protected configuration, we instruct the router to bypass the configuration located in NVRAM during bootup, and
reset the router:
rommon 1 > confreg 0x2142
You must reset or power cycle for new config to take effect
rommon 2 > reset
The router will now reset and start its normal bootup process; however, the current configuration will be ignored. When the bootup is
complete, you will be prompted to 'enter the initial configuration dialog'. Answer 'no':
System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
Copyright (c) 1999 by cisco Systems, Inc.
TAC:Home:SW:IOS:Specials for info
C2600 platform with 65536 Kbytes of main memory
program load complete, entry point: 0x80008000, size: 0xf54134
Self decompressing the image : ##
<output omitted>
--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]: no
Press RETURN to get started!
The next step is to enter 'Privileged Mode' and load the router's configuration from NVRAM, then reset the 'enable' or 'secret' password. To be
sure, we're showing how to reset both, but we'll only need to use the 'secret' password. In addition, we are going to reset the console port's
password:
Router>
Router> enable
Router# copy startup-config running-config
Destination filename [running-config]? (hit enter)
Building configuration...
[OK]
Router# configure terminal
Router(config)# enable password cisco
Router(config)# enable secret enter
Router(config)# line console 0
Router(config-line)# password hello
Router(config-line)# exit
Router(config)# username admin privilege 15 secret enternow
If you use the 'login local' command, you'll need to reset the password of the user account you have lost access to (in our example, it's 'admin').
Lastly, we need to change the 'configuration register' so the router will load the newly modified configuration next time it reboots, save our
settings and reboot the router:
Router(config)# config-register 0x2102
Router(config)# exit
Router# copy running-config startup-config
Destination filename [startup-config]? (hit enter)
Building configuration...
[OK]
Router# reload
The router will now reload and use the new configuration that contains the newly set passwords.
When the router reboots, log in and check your configuration. If you find any interfaces in the 'shutdown' state, you'll need to use the 'no
shutdown' command to bring them back up.
Again, don't forget to save your configuration once all changes are complete!
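The procedure above hinges on two configuration register values, 0x2142 and 0x2102. The following is an added example, not part of the original article: a small audit helper that decodes the register reported on the last line of 'show version' and flags a router that was left set to ignore its startup configuration. The bit meanings follow Cisco's configuration register documentation; the function names and sample lines are constructed for illustration.

```python
import re

# Bit positions per Cisco's configuration-register documentation.
BOOT_FIELD = 0x000F      # bits 0-3: boot source selection
IGNORE_NVRAM = 0x0040    # bit 6: skip startup-config at boot
BREAK_DISABLED = 0x0100  # bit 8: ignore Break once the system is running

REG_LINE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]+)"
    r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?"
)

def decode(reg):
    """Return the security-relevant fields of a 16-bit register value."""
    boot = reg & BOOT_FIELD
    if boot == 0:
        source = "stay in ROM monitor"
    elif boot == 1:
        source = "boot helper/first flash image (platform dependent)"
    else:
        source = "follow 'boot system' commands in startup-config"
    return {
        "boot_source": source,
        "ignores_startup_config": bool(reg & IGNORE_NVRAM),
        "break_disabled": bool(reg & BREAK_DISABLED),
    }

def audit(show_version_text):
    """Classify a device from the register line of 'show version' output."""
    m = REG_LINE.search(show_version_text)
    if not m:
        return "unknown"
    current = int(m.group(1), 16)
    # The value that matters for the next boot is the pending one, if any.
    pending = int(m.group(2), 16) if m.group(2) else current
    if decode(pending)["ignores_startup_config"]:
        return "alert: next boot skips startup-config"
    if decode(current)["ignores_startup_config"]:
        return "notice: booted without startup-config, register restored"
    return "ok"

# Constructed sample lines, in the format 'show version' prints.
SAMPLES = {
    "normal": "Configuration register is 0x2102",
    "left in recovery": "Configuration register is 0x2142",
    "mid recovery": "Configuration register is 0x2142 (will be 0x2102 at next reload)",
}

if __name__ == "__main__":
    for name, line in SAMPLES.items():
        print(f"{name:17} -> {audit(line)}")
```

A router reporting the "alert" state will come up with no passwords or other saved settings applied after its next reload, which is why the final 'config-register 0x2102' step must not be skipped.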
ARTICLE SUMMARY
We've shown you how to recover lost passwords and gain control of a Cisco router. Of course, there are mechanisms that can be
enabled to prevent you from performing the password recovery procedure. In this case, any attempt to recover the passwords or
configuration will result in the erasure of the device's configuration!