Posts: 4
Threads: 1
Joined: Jul 2019
Can developers modify the CSICO ASA module (2410) to allow for no username/salt when running a hash. The ASA enable password is the same format as the username/password hash, but has no username. If a hash is attempted without the salt hashcat throws some length error and won't allow a NULL value for the username portion.
Example:
hashcat64.bin -m2410 -a3 XXXXXXXXXXXXXXXX:
*note after the colon is blank since the enable password has no username and therefore no salt (salt is based on username)
Result:
Hash 'XXXXXXXXXXXXXXXX:': Token length exception
Thanks for any insight/fixes
Posts: 2,267
Threads: 16
Joined: Feb 2013
Posts: 4
Threads: 1
Joined: Jul 2019
(07-18-2019, 06:56 AM)philsmd Wrote: -m 2400 = Cisco-PIX MD5
Correct, but has the same error.
Posts: 2,267
Threads: 16
Joined: Feb 2013
can you run the example hash from
https://hashcat.net/wiki/example_hashes correctly?
there is no ending : (colon) after the hash for this hash type (-m 2400)
Posts: 4
Threads: 1
Joined: Jul 2019
(07-19-2019, 02:58 AM)philsmd Wrote: can you run the example hash from https://hashcat.net/wiki/example_hashes correctly?
there is no ending : (colon) after the hash for this hash type (-m 2400)
Thanks for pointing me to that, and for the most part this seems like a decent workaround for the ASA not accepting NULL usernames; however, this method is limited to a 16 character enable password. For the most part it will be fine, but the ASA option should really allow for a blank username to remedy this.
Thanks again for pointing this out, and it should work for enable passwords up to 16 characters.
Posts: 4
Threads: 1
Joined: Jul 2019
(07-19-2019, 01:08 PM)Gmoney Wrote: (07-19-2019, 02:58 AM)philsmd Wrote: can you run the example hash from https://hashcat.net/wiki/example_hashes correctly?
there is no ending : (colon) after the hash for this hash type (-m 2400)
Thanks for pointing me to that, and for the most part this seems like a decent workaround for the ASA not accepting NULL usernames; however, this method is limited to a 16 character enable password. For the most part it will be fine, but the ASA option should really allow for a blank username to remedy this.
Thanks again for pointing this out, and it should work for enable passwords up to 16 characters.
Actually, the more I think about it, this should work for any length password since the character limit is simply a restriction on CISCO PIXs - thanks again for directing me to that hashcat module.