09-22-2014, 04:59 PM
This is interesting, I compared the hashes of admin/root, and found that the first 21 characters (not counting "_encrypted_" are unique, but the last 22 characters (not counting "=") are absolutely identical. Is it possible that they have just added thoose characters at the end to make it harder to crack? I don't get why they would do it though, as it's very easy to spot.
Decoding the unique string in root on base64decode.org actually returns 9 completely random characters, but reencoding that string again gives a diffrent base64 string. So it seems like it's not decoding correctly.
Looking over "example hashes", it looks similar to Cisco hashes
Code:
root
_encrypted_ TKrP****eG7tXkKbe0DOL QAAAABfQUxMAAAAIAAAACE=
admin (password is "password1")
_encrypted_ wOs0DDgsSDMJ6LeE5/iKB QAAAABfQUxMAAAAIAAAACE=Decoding the unique string in root on base64decode.org actually returns 9 completely random characters, but reencoding that string again gives a diffrent base64 string. So it seems like it's not decoding correctly.
Looking over "example hashes", it looks similar to Cisco hashes
Code:
2400 Cisco-PIX MD5 dRRVnUmUHXOTt9nk
5700 Cisco-IOS SHA256 2btjjy78REtmYkkW0csHUbJZOstRXoWdX1mGrmmfeHI