PIX506防火墙密码的破解

在实际工作中碰到一款PIX 506的防火墙,由于密码设置时间久远,客户公司中已经无人知道设备的密码,查阅CISCO资料及网上资料后,将密码破解,问题得以解决。

创新互联是一家专注于成都网站建设、做网站与策划设计,麻章网站建设哪家好?创新互联做网站,专注于网站建设十载,网设计领域的专业建站公司;建站业务涵盖:麻章等地区。麻章做网站价格咨询:13518219792

以下是破解的准备工作及过程:

准备工作:根据PIX IOS的版本下载以下文件

  • The appropriate binary file, depending on the PIX software version you run:

    • np70.bin(7.x and 8.0 release)

    • np63.bin(6.3 release)

    • np62.bin(6.2 release)

    • np61.bin(6.1 release)

    • np60.bin(6.0 release)

    • np53.bin(5.3 release)

    • np52.bin(5.2 release)

    • np51.bin (5.1 release)

    • np50.bin (5.0 release)

    • np44.bin (4.4 release)

    • nppix.bin (4.3 and earlier releases)

      Note:You need to determine what .bin file to use, which depends upon the PIX code that your PIX currently runs irrespective of the BIOS version.

  • 具体步骤:(PIX Without a Floppy Drive)

    Complete these steps to recover your password:

  1. Install a serial terminal or a PC with terminal emulation software on the PIX console port.

  2. Verify that you have a connection with the PIX, and that characters are going from the terminal to the PIX, and from the PIX to the terminal.

    Note:Because you are locked out, you only see a password prompt.

  3. Immediately after you power on the PIX Firewall and the startup messages appear, send a BREAKcharacter or press the ESCkey. Themonitor> prompt is displayed. If needed, type ?(question mark) to list the available commands.

  4. Use the interfacecommand to specify which interface the ping traffic should use. For floppiless PIXes with only two interfaces, the monitorcommand defaults to the inside interface.

  5. Use the addresscommand to specify the IP address of the PIX Firewall's interface.

  6. Use the servercommand to specify the IP address of the remote TFTP server containing the PIX password recovery file.

  7. Use the filecommand to specify the filename of the PIX password recovery file. For example, the 5.1 release uses a file named np51.bin.

  8. If needed, enter the gatewaycommand to specify the IP address of a router gateway through which the server is accessible.

  9. If needed, use the pingcommand to verify accessibility. If this command fails, fix access to the server before continuing.

  10. Use the tftpcommand to start the download.

  11. As the password recovery file loads, this message is displayed:

    Do you wish to erase the passwords? [yn]yPasswords have been erased.

    Note:If there are Telnet or consoleaaa authenticationcommands in version 6.2, the system also prompts to remove these.

  12. The default Telnet password after this process is "cisco." There is no default enable password. Go into configuration mode and issue the passwd your_passwordcommand to change your Telnet password and the enable password your_enable_passwordcommand to create an enable password, and then save your configuration.

monitor>interface 0

0: i8255X @ PCI(bus:0 dev:13 irq:10)1: i8255X @ PCI(bus:0 dev:14 irq:7 ) Using 0: i82559 @ PCI(bus:0 dev:13 irq:10), MAC: 0050.54ff.82b9

monitor>address 10.21.1.99

address 10.21.1.99

monitor>server 172.18.125.3

server 172.18.125.3

monitor>file np52.bin

file np52.bin

monitor>gateway 10.21.1.1

gateway 10.21.1.1

monitor>ping 172.18.125.3

Sending 5, 100-byte 0xf8d3 ICMP Echoes to 172.18.125.3, timeout is 4 seconds:!!!!!Success rate is 100 percent (5/5)

monitor>tftp

tftp np52.bin@172.18.125.3 via 10.21.1.1...................................Received 73728 bytes Cisco Secure PIX Firewall password tool (3.0) #0: Tue Aug 22 23:22:19 PDT 2000Flash=i28F640J5 @ 0x300BIOS Flash=AT29C257 @ 0xd8000 Do you wish to erase the passwords? [yn] yPasswords have been erased. Rebooting....说明:当我们直连的时候也就不存在网关的概念了。


当前题目:PIX506防火墙密码的破解
链接URL:http://azwzsj.com/article/jopooj.html