您当前位置: 首页 » 网络安全 » ASA » 网络安全 » ASA5505 密码破解

ASA5505 密码破解

2014年11月22日 | 发表评论(0) 查看评论

网上搜到的有关ASA5505密码破解的文章,居然全是一篇老外写的文章,也没人加点儿中文注释,这事儿还是我来干吧,其实不看英文也能成功破解密码,因为只需要用到文章里提到的命令。

1. Power-cycle your security appliance by removing and re-inserting the power plug at the power strip.

重新插拔电源线

 

2. When prompted, press Esc to interrupt the boot process and enter ROM Monitor mode. You should immediately see a rommon prompt (rommon #0>).

按ESC键进入ROM Monitor模式,可以看到提示符rommon #0>

 

3. At the rommon prompt, enter the confreg command to view the current configuration register setting: rommon #0>confreg

输入命令confreg回车,查看当前的寄存器的值

 

 

4. The current configuration register should be the default of 0x01 (it will actually display as 0x00000001). The security appliance will ask if you want to make changes to the configuration register. Answer no when prompted.

寄存器的初始值为0x01,ASA会出现询问是否改变寄存器的设置,输入no回车

 

5. You must change the configuration register to 0x41, which tells the appliance to ignore its saved (startup) configuration upon boot:

 改变寄存器的值为0x41

rommon #1>confreg 0x41

 

6. Reset the appliance with the boot command:

 重启设备

rommon #2>boot

 

7. Notice that the security appliance ignores its startup configuration during the boot process. When it finishes booting, you should see a generic User Mode prompt:

 此时,ASA会跳过startup配置,启动完成后直接进入用户模式

ciscoasa>

 

8. Enter the enable command to enter Privileged Mode. When the appliance prompts you for a password, simply press (at this point, the password is blank):

 进入特权模式,密码为空

ciscoasa>enable

Password:

ciscoasa#

 

9. Copy the startup configuration file into the running configuration with the following command:

 startup配置保存至running配置中

ciscoasa#copy startup-config running-config

Destination filename [running-config]?

 

10. The previously saved configuration is now the active configuration, but since the security appliance is already in Privileged Mode, privileged access is not disabled. Next, in configuration mode, enter the following command to change the Privileged Mode password to a known value (in this case, we’ll use the password system):

 重新设置特权模式的密码为system

asa#conf t

asa(config)#enable password system

 

11. While still in Configuration Mode, reset the configuration register to the default of 0x01 to force the security appliance to read its startup configuration on boot:

 改回寄存器的值,强制ASAstartup读取配置启动

asa(config)#config-register 0x01

 

12. Use the following commands to view the configuration register setting:

 查看当前寄存器的值

asa(config)#exit

asa#show version

 

13. At bottom of the output of the show version command, you should see the following statement: Configuration register is 0x41 (will be 0x1 at next reload)

在输出的最后会看到寄存器的值会在重启设备后由0x41变成0x1

14. Save the current configuration with the copy run start command to make the above changes persistent:

 保存配置

asa#copy run start

Source filename [running-config]

 

15. Reload the security appliance: asa# reload System config has been modified. Save? [Y]es/[N]o:yes

输入reload命令重启设备,询问是否保存配置,输入yes回车

 

Cryptochecksum: e87f1433 54896e6b 4e21d072 d71a9cbf

 

2149 bytes copied in 1.480 secs (2149 bytes/sec) Proceed with reload? [confirm]

 

When your security appliance reloads, you should be able to use your newly reset password to enter privileged mode.

设备重启后,你可以使用重置后的密码进入特权模式

 

来自 <http://blog.sina.com.cn/s/blog_488fd1fa0100yqtj.html>

分类:

ASA, 网络安全

| 标签:

发表评论?

0 条评论。

发表评论


注意 - 你可以用以下 HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>