ASA5505密碼破解

來源:本站原創 CISCO 超過1,583 views圍觀 0條評論

 

1. Power-cycle your security appliance by removing and re-inserting the power plug at the power strip.

重新插拔電源線
2. When prompted, press Esc to interrupt the boot process and enter ROM Monitor mode. You should immediately see a rommon prompt (rommon #0>).
按ESC鍵進入ROM Monitor模式,可以看到提示符rommon #0>
3. At the rommon prompt, enter the confreg command to view the current configuration register setting: rommon #0>confreg
輸入命令confreg回車,查看當前的寄存器的值
4. The current configuration register should be the default of 0x01 (it will actually display as 0x00000001). The security appliance will ask if you want to make changes to the configuration register. Answer no when prompted.
寄存器的初始值為0x01,ASA會出現詢問是否改變寄存器的設置,輸入no回車
5. You must change the configuration register to 0x41, which tells the appliance to ignore its saved (startup) configuration upon boot:

改變寄存器的值為0x41

rommon #1>confreg 0x41
6. Reset the appliance with the boot command:

重啟設備

rommon #2>boot
7. Notice that the security appliance ignores its startup configuration during the boot process. When it finishes booting, you should see a generic User Mode prompt:

此時,ASA會跳過startup配置,啟動完成后直接進入用戶模式

ciscoasa>
8. Enter the enable command to enter Privileged Mode. When the appliance prompts you for a password, simply press (at this point, the password is blank):

進入特權模式,密碼為空

ciscoasa>enable

Password:

ciscoasa#
9. Copy the startup configuration file into the running configuration with the following command:

將startup配置保存至running配置中

ciscoasa#copy startup-config running-config

Destination filename [running-config]?
10. The previously saved configuration is now the active configuration, but since the security appliance is already in Privileged Mode, privileged access is not disabled. Next, in configuration mode, enter the following command to change the Privileged Mode password to a known value (in this case, we’ll use the password system):

重新設置特權模式的密碼為system

asa#conf t

asa(config)#enable password system
11. While still in Configuration Mode, reset the configuration register to the default of 0x01 to force the security appliance to read its startup configuration on boot:

改回寄存器的值,強制ASA從startup讀取配置啟動

asa(config)#config-register 0x01
12. Use the following commands to view the configuration register setting:

查看當前寄存器的值

asa(config)#exit

asa#show version
13. At bottom of the output of the show version command, you should see the following statement: Configuration register is 0x41 (will be 0x1 at next reload)
在輸出的最后會看到寄存器的值會在重啟設備后由0x41變成0x1
14. Save the current configuration with the copy run start command to make the above changes persistent:

保存配置

asa#copy run start

Source filename [running-config]
15. Reload the security appliance: asa# reload System config has been modified. Save? [Y]es/[N]o:yes
輸入reload命令重啟設備,詢問是否保存配置,輸入yes回車
Cryptochecksum: e87f1433 54896e6b 4e21d072 d71a9cbf
2149 bytes copied in 1.480 secs (2149 bytes/sec) Proceed with reload? [confirm]
When your security appliance reloads, you should be able to use your newly reset password to enter privileged mode.
設備重啟后,你可以使用重置后的密碼進入特權模式

文章出自:CCIE那點事 http://www.qdxgqk.live/ 版權所有。本站文章除注明出處外,皆為作者原創文章,可自由引用,但請注明來源。 禁止全文轉載。
本文標題:ASA5505密碼破解
本文鏈接:http://www.qdxgqk.live/?p=3080轉載請注明轉自CCIE那點事
如果喜歡:點此訂閱本站
?
?
萌宠夺宝游戏