Cisco – Cracking and Decrypting Passwords (Type 7 and Type 5)
KB ID 0000940 Problem Decrypt Type 7 Cisco Passwords The Internet is full of sites that have something like the tool below, tap your ‘encrypted’ password in and it will reveal the Cisco password. Input Type 7 Obfuscated Password: Output Plain Text Password: As you can see I’ve specifically written ‘obfuscated’ above, because the password isn’t actually encrypted at all. All that happens is the...
Cisco ASA – Disable SSLv3 (Force TLSv1.0) – Mitigate POODLE
KB ID 0001052 Problem By default the Cisco ASA will allow connection via SSLv3. The POODLE exploit works by forcing SSL to fall back to SSLv3 and then decrypting that communication. However you are still not completely protected as per this Threat Validation, so the ASA platform can still be attacked via TLSv1.0. Note: At time of writing TLSv1.2 is not supported, but it is on the road-map for version 9.3(2). So this procedure will not...