Hacker BACKDOOR: Cisco router Tcl script 2nd tests

Cisco router Tcl script backdoor 2nd tests

Author: Vic

The security of Cisco routers is certain. Password verification is required for remote login. The Cisco passwords are encrypted in the following ways:
1 not encrypted, plaintext display

650) this. width = 650; "border =" 0 "alt =" "src =" http://img1.51cto.com/attachment/201108/220643907.jpg "/>

2. bidirectional encryption (type 7)

650) this. width = 650; "border =" 0 "alt =" "src =" http://www.bkjia.com/uploads/allimg/131227/025211CS-1.jpg "/>

3. Blowfish encryption for vswitches: mainly the blowfish Encryption Algorithm for CAT vswitches. In cisco vswitches, the first letter is $2 $, which is also a one-way algorithm.

650) this. width = 650; "border =" 0 "alt =" "src =" http://www.bkjia.com/uploads/allimg/131227/0252112Q5-2.jpg "/>

4. MD5 Encryption

It is not encrypted. It is unnecessary to display the plaintext. You can see it when you download the CONFIG file using TFTP. Two-way encryption (cype 7) is also not secure. A tool dedicated to cracking this encryption algorithm is available, and it will be converted in one second. Currently, MD5 encryption and Blowfish encryption are secure encryption methods. We strongly recommend that you use them as administrators.

Generally, you can use TELNET or HTTP to log on to CISCO. Both must verify the password.

650) this. width = 650; "border =" 0 "alt =" "src =" http://www.bkjia.com/uploads/allimg/131227/0252113029-3.jpg "/>

Enter the correct password and then enter normal mode. You can perform some common queries. To perform settings and changes, enter a special password.

650) this. width = 650; "border =" 0 "alt =" "src =" http://www.bkjia.com/uploads/allimg/131227/025211J64-4.jpg "/>

To write a TCL script, you must enter the TCL Script Mode to write commands.

650) this. width = 650; "border =" 0 "alt =" "src =" http://www.bkjia.com/uploads/allimg/131227/0252114595-5.jpg "/>

Then input the TCL script,

650) this. width = 650; "border =" 0 "alt =" "src =" http://www.bkjia.com/uploads/allimg/131227/0252113E8-6.jpg "/>

Set the remote Telnet port to 9898.

650) this. width = 650; "border =" 0 "alt =" "src =" http://www.bkjia.com/uploads/allimg/131227/025211OP-7.jpg "/>

Tlenet logs on to port 9898 of the Cisco router and displays that the password verification is completely bypassed.

650) this. width = 650; "border =" 0 "alt =" "src =" http://www.bkjia.com/uploads/allimg/131227/0252116215-8.jpg "/>

Enter the Cisco command directly after the enter ios command. The disadvantage is that only one command can be entered at a time. You can edit the command directly in the TCL script and then execute it. Run the command and exit SHELL. Then, TELNET to log on.

PS: tcl shell won't be pasted here as mentioned in all the articles of the blog in February.