Please note, this is a STATIC archive of website hashcat.net from 08 Oct 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

hashcat Forum > Developer > hashcat > CISCO ASA Enable Fix
Full Version: CISCO ASA Enable Fix
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Gmoney

07-18-2019, 03:37 AM
Can developers modify the CSICO ASA module (2410) to allow for no username/salt when running a hash.  The ASA enable password is the same format as the username/password hash, but has no username. If a hash is attempted without the salt hashcat throws some length error and won't allow a NULL value for the username portion.

Example:

hashcat64.bin -m2410 -a3 XXXXXXXXXXXXXXXX:

*note after the colon is blank since the enable password has no username and therefore no salt (salt is based on username)

Result:

Hash 'XXXXXXXXXXXXXXXX:': Token length exception

Thanks for any insight/fixes

philsmd

07-18-2019, 06:56 AM
-m 2400 = Cisco-PIX MD5

Gmoney

07-19-2019, 12:04 AM
(07-18-2019, 06:56 AM)philsmd Wrote: [ -> ]-m 2400 = Cisco-PIX MD5

Correct, but has the same error.

philsmd

07-19-2019, 02:58 AM
can you run the example hash from https://hashcat.net/wiki/example_hashes correctly?

there is no ending : (colon) after the hash for this hash type (-m 2400)

Gmoney

07-19-2019, 01:08 PM
(07-19-2019, 02:58 AM)philsmd Wrote: [ -> ]can you run the example hash from https://hashcat.net/wiki/example_hashes correctly?

there is no ending : (colon) after the hash for this hash type (-m 2400)

Thanks for pointing me to that, and for the most part this seems like a decent workaround for the ASA not accepting NULL usernames; however, this method is limited to a 16 character enable password.  For the most part it will be fine, but the ASA option should really allow for a blank username to remedy this.

Thanks again for pointing this out, and it should work for enable passwords up to 16 characters.

Gmoney

07-19-2019, 01:39 PM
(07-19-2019, 01:08 PM)Gmoney Wrote: [ -> ]
(07-19-2019, 02:58 AM)philsmd Wrote: [ -> ]can you run the example hash from https://hashcat.net/wiki/example_hashes correctly?

there is no ending : (colon) after the hash for this hash type (-m 2400)

Thanks for pointing me to that, and for the most part this seems like a decent workaround for the ASA not accepting NULL usernames; however, this method is limited to a 16 character enable password.  For the most part it will be fine, but the ASA option should really allow for a blank username to remedy this.

Thanks again for pointing this out, and it should work for enable passwords up to 16 characters.

Actually, the more I think about it, this should work for any length password since the character limit is simply a restriction on CISCO PIXs - thanks again for directing me to that hashcat module.
hashcat Forum > Developer > hashcat > CISCO ASA Enable Fix