joshlowe
101 posts

Hi everyone,

I have a question about type 7 encrypted passwords. I searched around the Internet and Cisco's own site, but it's difficult to sift through all the "type 7 password cracker" info that comes up instead of what I'm looking for.

I happened to notice that on a router with several users, even though they were all configured with the same plaintext (type 0) password, the type 7 passwords generated by "service password-encryption", were all different.

username pod9r1 password 7 060506324F41584B56
username pod9r2 password 7 1511021F07257A767B
username pod9r3 password 7 070C285F4D06485744
! all of these passwords are "cisco123"

My question is, does the output of the type 7 password encryption algorithm depend on the username? In other words, if I decided to configure each user like this:

username user1 password 7 00071A1507545A545C
username user2 password 7 00071A1507545A545C
username user3 password 7 00071A1507545A545C

using the same type 7 password for each user, instead of:

username user1 password 0 cisco123
username user2 password 0 cisco123
username user3 password 0 cisco123

does it make any difference? Will that particular type 7 password work only for the username it was generated for? Why is the encrypted password different for each of my users in my running-config?

OK, I know that was more than one question, but does anyone have any insight into how the type 7 passwords are generated?

~Josh

Cisco
11 posts

Hi Josh

I'll try to answer your question as best as possible and I stand to be corrected.

As far as I know, the Type 7 password is generated by an encrypted algorithm; this will be different ALL the time. This will not depend on the username at all, as it will only look at the password to encrypt.

You can configure it like this

username user1 password 7 00071A1507545A545C
username user2 password 7 00071A1507545A545C
username user3 password 7 00071A1507545A545C

as the algorithm will look at the encrypted word and decrypt it to see the password.

Think of it as a bank transaction from the ATM: if you withdraw the same amount of money the whole time, over and over, it isn't going to transmit that same transaction in the same encrypted string as it did before, as this would give "hackers" a pattern of how the encryption works.

Regards

Andre

joshlowe
101 posts

Thanks Cisco,

That answers part one of my question, though I'm still curious how the algorithm comes up with a different hash for the same password every time. It must be based on some external factor, if not the username.

With your ATM example, the encryption is likely based on a unique key known only by the bank and programmed into your card (combined with your PIN). However, with these type 7 passwords, they can be decrypted with no prior knowledge of anything (type 7 password crackers just take the input string and produce the decrypted password).

In my example, 060506324F41584B56, 1511021F07257A767B, and 070C285F4D06485744 all work out to "cisco123", and even the type 7 password crackers can decrypt them properly. I assume anyone who's written one of these password crackers knows how the algorithm works.

I guess it's just my need to know how things work at a low level that's driving my curiosity on this one...

~Josh

stretch
269 posts

The first two hex characters of the string compose an index number pointing to the position in the encryption key from which the encryption algorithm starts. This value will always be between 0 and 25, inclusive, since the key is 26 bytes long. Because of this, there are actually 26 possible encrypted forms of any given password; collisions are obviously possible.

You can get a better idea of how the "type 7" scheme works by examining the code for a reverser. Here's the source for the reverser hosted on this site:

import re

def decrypt_type7(ep):
    """
    Taken from http://pypi.python.org/pypi/cisco_decrypt/

    Reverses a Cisco "type 7" string: the first two characters are a
    decimal offset into the xlat key; each following hex byte is XORed
    with the key byte at that offset, and the offset advances by one
    per character.
    """

    xlat = (0x64, 0x73, 0x66, 0x64, 0x3b, 0x6b, 0x66, 0x6f, 0x41, 0x2c, 
            0x2e, 0x69, 0x79, 0x65, 0x77, 0x72, 0x6b, 0x6c, 0x64, 0x4a, 
            0x4b, 0x44, 0x48, 0x53, 0x55, 0x42)
    dp = ''
    regex = re.compile('^(..)(.+)')

    result = regex.search(ep)
    # s is the decimal seed (key offset), e is the hex-encoded body
    s, e = int(result.group(1)), result.group(2)

    for pos in range(0, len(e), 2):

        magic = int(e[pos] + e[pos+1], 16)

        if s <= 25:
            # Algorithm appears unpublished after s = 25
            newchar = '%c' % (magic ^ xlat[s])
        else:
            newchar = '?'
        dp += newchar
        s += 1

    return dp

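To make the index explanation above concrete, here is an added example (my own code, not the reverser from this site or the cisco_decrypt package) that implements both directions of the scheme against the same 26-byte xlat key quoted in the reverser. The encoder shows exactly why the three users in the original post ended up with different strings: only the two-digit seed differs, and everything after it is the password XORed with the key starting at that seed. The audit helper, the regular expression, and the function names are my additions; the three config lines are the ones quoted in the first post.

```python
import re

# The fixed 26-byte key table from the reverser in this thread (the "xlat"
# tuple). Every IOS image ships the same bytes, which is why type 7 is
# reversible with no other knowledge.
XLAT = bytes([0x64, 0x73, 0x66, 0x64, 0x3b, 0x6b, 0x66, 0x6f, 0x41, 0x2c,
              0x2e, 0x69, 0x79, 0x65, 0x77, 0x72, 0x6b, 0x6c, 0x64, 0x4a,
              0x4b, 0x44, 0x48, 0x53, 0x55, 0x42])


def encode_type7(plain, seed):
    """Produce the type 7 string for `plain` starting at key offset `seed`.

    The first two characters are the seed written in decimal (not hex); each
    following hex byte is one password byte XORed with the next key byte.
    This is the inverse of the reverser above and shows where the per-user
    differences come from: the seed is the only varying input.
    """
    data = plain.encode("ascii")
    if not 0 <= seed <= 25:
        raise ValueError("seed must be between 0 and 25")
    if seed + len(data) > len(XLAT):
        raise ValueError("password does not fit in the 26-byte key at this seed")
    out = ["%02d" % seed]
    for i, b in enumerate(data):
        out.append("%02X" % (b ^ XLAT[seed + i]))
    return "".join(out)


def decode_type7(encoded):
    """Reverse encode_type7: read the decimal seed, then XOR each byte back."""
    m = re.fullmatch(r"(\d\d)((?:[0-9A-Fa-f]{2})+)", encoded)
    if m is None:
        raise ValueError("not a well-formed type 7 string")
    seed = int(m.group(1))            # decimal, e.g. "15" -> 15
    body = bytes.fromhex(m.group(2))
    if seed > 25 or seed + len(body) > len(XLAT):
        raise ValueError("string runs past the 26-byte key")
    return bytes(b ^ XLAT[seed + i] for i, b in enumerate(body)).decode("ascii")


def all_encodings(plain):
    """Every distinct type 7 form this key admits for `plain`, one per seed
    at which the whole password still fits inside the 26-byte key."""
    seeds = range(len(XLAT) - len(plain) + 1)
    return [encode_type7(plain, s) for s in seeds]


# Hypothetical audit helper (not part of the thread): pull every
# "username ... password 7 ..." line out of a config and decode it.
USERNAME_RE = re.compile(
    r"^\s*username\s+(\S+)\s+password\s+7\s+([0-9A-Fa-f]+)\s*$")


def audit_config(config_text):
    """Return (username, seed, plaintext) for each 'password 7' line.

    Running this over a config shows that differing type 7 strings can hide
    the same password, which is the situation the original poster observed.
    """
    found = []
    for line in config_text.splitlines():
        m = USERNAME_RE.match(line)
        if m:
            user, enc = m.group(1), m.group(2)
            found.append((user, int(enc[:2]), decode_type7(enc)))
    return found


# Constructed sample: the three lines quoted in the first post of this thread.
SAMPLE_CONFIG = """\
username pod9r1 password 7 060506324F41584B56
username pod9r2 password 7 1511021F07257A767B
username pod9r3 password 7 070C285F4D06485744
"""

if __name__ == "__main__":
    for user, seed, plain in audit_config(SAMPLE_CONFIG):
        print(f"{user}: seed {seed:2d} -> {plain}")
    forms = all_encodings("cisco123")
    print(f"{len(forms)} distinct encodings of cisco123 under this 26-byte key")
```

Two things worth noticing when you run it: the seed is parsed as a decimal number, so "15" means offset 15 rather than 0x15, and with only the 26 key bytes shown in the thread an 8-character password fits at 19 of the 26 seeds, so that is how many distinct forms this code can produce for "cisco123". All of them decode to the same plaintext, which is the answer to the "does it depend on the username" question: it does not, and any of the forms works for any user.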
joshlowe
101 posts

That's perfect, exactly what I was looking for. Thanks stretch!

SciFiHiFi
15 posts

Interesting. As I read the question, I was sure that all the message digests would be identical for identical inputs. I guess I was thinking of MD5. It's funny that these 'type 7' passwords have a little edge over MD5 in that it salts its own hash (kind of), but it still is so easily reversed.

hoanbq
1 post

It's easy to understand the algorithm, but I'm still confused about how the xlat table was built. I'm googling and finding nothing. Please help me. Thank you all. ~hoanbq

stretch
269 posts

The xlat table is essentially just a random static key stored in IOS. The fact that this key is identical in all IOS releases is what makes type 7 so easily reversed.
