10-02-2014, 09:04 PM
I am no expert but if I understand correctly, the hash is calculated from using the plaintext password + the first four characters of the username. So if you have a wordlist, you will need to append those first four characters to every line in the wordlist.
Example ASA configuration:
username test password W77doHGDnHvf5vZv encrypted
The password above is hash1234, so in your wordlist there needs to be a word hash1234test to get a successful hit.
Example ASA configuration:
username test password W77doHGDnHvf5vZv encrypted
The password above is hash1234, so in your wordlist there needs to be a word hash1234test to get a successful hit.