[5608] in bugtraq
Re: What to do when you forget your cisco LD password...
daemon@ATHENA.MIT.EDU (John Bashinski)
Fri Nov 14 13:40:42 1997
Date: Fri, 14 Nov 1997 07:02:30 -0800
Reply-To: John Bashinski <jbash@CISCO.COM>
From: John Bashinski <jbash@CISCO.COM>
X-To: Dustin Sallings <dustin@spy.net>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "14 Nov 1997 01:37:50 GMT."
<ML-3.3-SPY.879471470.6838.dustin@bleu.west.spy.net>
> If you're like me, you've got a lot of passwords to remember, and
> sometimes, well, we forget. There's good news, though! For a limited time
> only, you can enable on your cisco LocalDirector with the magic ^C password.
>
> I noticed this on a 1.6.3 LocalDirector where I mistyped the enable
> password by mistake and hit ^C to start over, but I didn't have to, took me
> right in, and let me make my configuration changes. Later experimentation
> showed that you don't even have to type in a partially invalid password, ^C
> alone seems to do the trick in all cases we tried.
I am not a LocalDirector expert and don't have access to a test machine,
but I just checked this with the Those Who Know. I am informed that
control-C will work as an enable password only if you haven't actually
set a password. In fact, *any* string will work if you haven't set a
password. If you've set an enable password on the box, control-C will
not work. This was verified by testing on a 1.6.3 LocalDirector.
If control-C worked for you on a machine with a password properly set,
*please* contact me directly with details of how you configured it.
You're right, however, that you shouldn't let people you don't trust log
in to your equipment in the first place.
-- John B.
