Cisco ASA hash type
#1
Hi all,

I am playing at cracking Cisco ASA passwords for fun. I have a test ASA I am using. I have successfully cracked the enable passwords and the passwords encrypted by using the ordinary password encryption:

Code:
username test password password privilege 15

Gives the output in show run as:

Code:
username test password 4VnN2pEtX1eZQP5L encrypted privilege 15

I know this hash type is the Cisco ASA ( -m 1410 in the hashcat command).

There is another type of password hashing used on an ASA, done by entering the following command:

Code:
username test password password mschap privilege 15

Which outputs in the show run as:

Code:
username test password iEb36u6PsRetBr3YMLdYbA== nt-encrypted privilege 15

I have checked the Cisco site and managed to find out that the ASA will convert the text to unicode and then hash with MD4 which made me think to use NTLM but I am getting the line length exception error. The hash is also in base64 which doesn't match the example hash type given on the Hashcat wiki.

What mode do I use in Hashcat to attempt to crack this password type?

Thanks in advance for any advice given.


Messages In This Thread
Cisco ASA hash type - by jayohaitchenn - 12-07-2017, 06:53 PM
RE: Cisco ASA hash type - by royce - 12-07-2017, 07:05 PM
RE: Cisco ASA hash type - by jayohaitchenn - 12-07-2017, 10:01 PM
RE: Cisco ASA hash type - by jayohaitchenn - 12-08-2017, 11:42 AM
RE: Cisco ASA hash type - by jayohaitchenn - 12-08-2017, 01:11 PM
RE: Cisco ASA hash type - by undeath - 12-08-2017, 02:26 PM
RE: Cisco ASA hash type - by jayohaitchenn - 12-08-2017, 02:33 PM