Network Guys

Share your knowledge!

Password- and configuration-recovery for Cisco IOS router

You bought a used Cisco router at eBay configured with a password? You loose your password but still need the current configuration? No Problem! You can easily reset the configuration/passwords.

You need to connect to the serial port of the Cisco router. I’m using always a USB-RS232-serial-adapter and PuTTY for this. To boot your router in to the rommon u need to power off and on the device and send break signals over the COM port (right-click on the icon):

Send the break-signals periodically until you see the rommon shell. Now you need to configure the configuration-register to 0x2142 and reset the router:

System Bootstrap, Version 12.3(8r)YI4, RELEASE SOFTWARE
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 2006 by cisco Systems, Inc.

C870 series (Board ID: 6-148) platform with 131072 Kbytes of main memory

rommon 1 > confreg 0x2142

You must reset or power cycle for new config to take effect
rommon 2 > reset

Changing the configuration-register to 0x2142 will ignore the loading of the startup-configuration after booting the IOS image. After booting, you will see the installation wizard:

         — System Configuration Dialog —

Would you like to enter the initial configuration dialog? [yes/no]: no

You are now logged in and can switch back to the standard configuration-register 0x2102:

Router(config)#config-register 0x2102

with show startup-configuration you can watch the saved configuration. You can also see all the passwords within the configuration (for example user-passwords or the presharedkeys for VPN tunnels). If the configuration contains the password-encryption command you can decrypt type 7 passwords. I puplished a tool on my site to decrypt those passwords: Cisco Password Decrypter

If you want to make the startup-configuration active with your own passwords (username, enable secret, etc.) you can load the startup-configuration to the running-configuration and configure the new passwords:

Router#copy startup-config running-config
Router#configure terminal
Router(config)#username cisco password cisco
Router(config)#enable secret cisco
Router(config)#end
Router#copy running-config startup-config
or
Router#write memory
Router#reload

After the reload you can test your (hopefully successful) login! Happy Hacking! ^^

Leave a Reply

Click on the button to load the content from jetpack.wordpress.com.

Load content

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Certificates

ekahau Certified Survey Engineer
ATP_wsrgb
ACMP2
suca
Post Categories
Post Archives