[180421] in North American Network Operators' Group
Re: Password Decryption Methods?
daemon@ATHENA.MIT.EDU (Michael O Holstein)
Tue Jun 2 12:25:29 2015
X-Original-To: nanog@nanog.org
From: Michael O Holstein <michael.holstein@csuohio.edu>
To: Lorell Hathcock <lorell@hathcock.org>
Date: Tue, 2 Jun 2015 16:23:26 +0000
In-Reply-To: <017b01d09d4d$490ac6b0$db205410$@hathcock.org>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
Need to recover the *actual* password because of forensic reasons? .. if it=
's just for usability then 100% of the units I've encountered have some res=
et routine that wipes the defaults and resets to admin:admin (or whatever).
If it was forensics it'd probably be faster to just image the flash chip (h=
opefully leaded and not BGA but rework isn't *that* hard). It's probably sa=
lted by the firmware, sometimes the salt is static in the firmware, sometim=
es it's a derivative of something like the hardware address.=20
If you can share the other details (make, model, firmware revision, process=
or type, etc.) .. whatever you know and can share) .. it would be more help=
ful. Also, how'd you get the hash? .. from a config file backup or from ano=
ther device that used it to access this one? If so, what software, etc.
Cheers,
Michael Holstein
Cleveland State University
________________________________________
From: NANOG <nanog-bounces@nanog.org> on behalf of Lorell Hathcock <lorell@=
hathcock.org>
Sent: Tuesday, June 2, 2015 12:00 PM
To: nanog@nanog.org
Subject: Password Decryption Methods?
All:
I have a video camera that I need to recover the password. I have a
password hash that is stored in a database, but any online decryption sites
are not working.
Can someone push me in the right direction on where I go from here?
Thanks,
Lorell
