The entire process of cracking vswitch passwords

Comments: The vswitch and vro must have a certain security guarantee. That is to say, you must configure a reasonable password for them in time. What if this password is forgotten? I have met this time. Due to job transfer, the former network administrator left the department, but set a password on the switch, and did not tell me the network administrator who took over. What should we do? To send it back to the manufacturer's broken vswitches and routers, you must have certain security guarantees. That is to say, you must configure a reasonable password for them in time. What if this password is forgotten? I have met this time. Due to job transfer, the former network administrator left the department, but set a password on the switch, and did not tell me the network administrator who took over. What should we do? Sending it back to the vendor for cracking is too troublesome. So I personally went through the password cracking process. I. Network Environment: the company uses a 3500 series vswitch (the specific model is 3548) to connect a Huawei 2621 vro TO THE vswitch and access the Internet through optical fiber cables of China Telecom. The actual situation is that the vswitch 3548 was set by the previous network administrator and didn't tell me. Therefore, cracking the password becomes the core of this article. 2. Preparations: As the entire work requires network disconnection, after all, operations such as restarting the switch are involved. Therefore, the time is am after work. In addition, because password cracking and other such operations must be set using the CONSOLE line, the location can only be a central data center. I have found all the tools related to devices up to 3548, including installation instructions and CONSOLE control lines. Iii. Actual password cracking: According to my previous experience, statements for using and operating commands on all devices should be similar to those on CISCO devices, therefore, we thought it would be easy to crack the password of a CISCO device. Who knows the difference is not small. Generally, CISCO devices use the configuration register to crack passwords. The configuration register does not exist in the real-time switch. After querying the information, we found that the real-time switch used to modify the Super Terminal Configuration to crack the password. Step 1: connect the CONSOLE control line of the real-time switch to the CONSOLE management interface of the device. Step 2: disconnect another line of control on the CONSOLE to the COM serial port of the notebook used for debugging by the network administrator. Step 3: Go to the desktop of the notebook system and click Start> All Programs> accessories> communication> Super Terminal ". Step 4: after starting the Super Terminal of the system, we can name the new connection. Step 5: select the port that you just connected to using the CONSOLE control line from the drop-down menu in the "use during connection" Area of the connection settings. For example, COM1 port. Step 6: In the COM1 property settings window, configure the connection parameters. Generally, we normally connect to a vswitch using 9600 bits per second, 8 data bits, no parity check, 1 Stop bits, and no data flow control. However, if you want to crack the password of a real-time switch, you need to modify these values. Set the serial port speed of the PC Super Terminal to 57600, and set the speed to the same as that written above. Step 7: Use the terminal to connect to the vswitch, and then turn on the power of the vswitch. After the vswitch is started, immediately press the "ESC" Key multiple times to enter the monitoring mode of the vswitch. Multiple options are displayed on the terminal interface, including some basic initialization settings. TIPS: At the beginning, I did not succeed in following step 7. The Super Terminal interface always displays many "...". Later, it was discovered that the switch had to be connected to the Super Terminal before it could be powered on. If the switch was first connected to the Super Terminal, it would not be able to enter the monitoring mode. Step 8: Upload the configuration file config. text (Upload) to the notebook used by the network administrator according to the menu prompt, and then delete the configuration file Config. text on the switch. Step 9: Open the downloaded config. text file in the system hard disk in the notebook, and run the following statement enable secret level 1 5! E, 1u _; C9 &-8U0H enable secret level 15 5 * r_1u _; C3vW8U0H Delete and save and quit. Step 10: Download the modified config. text in the notebook to the switch according to the prompt in the switch monitoring mode. Step 2: Set the serial port speed of the Super Terminal of the notebook to 11th again, and keep the default parameters for others. After the vswitch is powered on and restarted, you can go to the vswitch configuration page and find that you can reconfigure the vswitch password, including the management password for remote TELNET and the privilege password of the local machine. After that, the vswitch password will become your new alime model, and you will change the password of A pair of accounts to another one? TIPS: in actual use, I found that the upload and download functions in the monitoring mode of the 3550 switch are not stable, and transmission failures often occur. Therefore, the author simply deletes config. text in monitoring mode, and then restarts the switch to reconfigure all the switch information. This situation applies to the fact that the vswitch does not have many configurations and is not complex. In addition, the network administrator must be familiar with the setting statements. Conclusion: After cracking the switch password in practice, I once again understand that the procedures and steps of different vendors are definitely different for the routing switch device, even if the command statements are similar, they are quite different in other advanced operations. Therefore, all the content introduced in this article is only for real-time routers and switches. If you encounter other devices, you need to use other methods to solve them.