Cisco ASA – View pre-shared keys in plain text
Posted by Josh on Thu 5 Jun 2008. Categories: ASA / Pix, Cisco
As engineers, we don’t always document things as well as we should, or someone we work with is always “too busy” to document their work. This little trick shows you how to recover pre-shared keys on a Cisco Pix or ASA firewall.
Normally, you use the ‘show run’ command to view the running configuration. In that output, pre-shared keys are masked with an asterisk (*). To view the keys unencrypted, type ‘more system:running-config’. This displays the full configuration with unencrypted passwords.
Forgive me, but I have not done enough research to know what versions of code this can be used on. Maybe someone else can leave a comment.
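Because the output of ‘more system:running-config’ often ends up in backups and documentation, here is an added example (not from the original post) that scans a saved ASA configuration for pre-shared-key lines, reports which are masked and which are in clear text, and redacts the clear-text ones before the file is stored or shared. The sample configuration, the key value, the function name and the handled line format (including an optional keyword in front of pre-shared-key) are constructed assumptions.

```python
import re

# Assumption: key lines sit indented under "tunnel-group <name> ipsec-attributes"
# and may carry a leading keyword (for example "ikev1") before "pre-shared-key".
GROUP_LINE = re.compile(r"^tunnel-group\s+(\S+)\s+ipsec-attributes")
PSK_LINE = re.compile(r"^(?P<prefix>\s+(?:\S+\s+)*pre-shared-key\s+)(?P<value>\S+)\s*$")
MASKED = re.compile(r"^\*+$")  # what 'show run' prints in place of the key

# Constructed sample: first group as 'show run' prints it, second as
# 'more system:running-config' would (the key value is made up).
SAMPLE = """\
tunnel-group 192.0.2.10 type ipsec-l2l
tunnel-group 192.0.2.10 ipsec-attributes
 pre-shared-key *
tunnel-group 198.51.100.7 type ipsec-l2l
tunnel-group 198.51.100.7 ipsec-attributes
 pre-shared-key ExampleKey-NotReal
!
"""

def audit_config(text):
    """Return (findings, redacted_text) for a saved ASA configuration."""
    findings, out, group = [], [], None
    for number, line in enumerate(text.splitlines(), 1):
        entered = GROUP_LINE.match(line)
        if entered:
            group = entered.group(1)
        elif line and not line.startswith(" "):
            group = None  # any other top-level line leaves the sub-mode
        psk = PSK_LINE.match(line)
        if psk:
            cleartext = not MASKED.match(psk.group("value"))
            findings.append({"line": number, "tunnel_group": group,
                             "cleartext": cleartext})
            if cleartext:
                line = psk.group("prefix") + "<REDACTED>"
        out.append(line)
    return findings, "\n".join(out)

if __name__ == "__main__":
    results, redacted = audit_config(SAMPLE)
    for item in results:
        state = "CLEARTEXT" if item["cleartext"] else "masked"
        print(f"line {item['line']}: {item['tunnel_group']}: {state}")
    print(redacted)
```

Run it over configuration backups before they are committed to a repository or attached to a ticket; any CLEARTEXT finding means the file should be handled as a secret.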

June 5th, 2008 at 10:04 pm
This is FANTASTIC! Can’t wait to challenge some coworkers. Nicely done as usual.
Thanks Josh.
June 6th, 2008 at 6:25 am
That does tend to rock. I had to reset the keys on a 5505 that I was working on just yesterday and surely could have used that technique.
Thanks, Josh.
June 9th, 2008 at 11:02 am
Cisco command lookup tool says ‘more’ works for 7.0, 7.1, 7.2, & 8.0
June 9th, 2008 at 11:39 am
Thanks for the tip, works great
June 10th, 2008 at 12:45 pm
Works fine here with version 7.2(3)
June 13th, 2008 at 7:51 am
as usual u r great thx for ur work
June 13th, 2008 at 12:04 pm
does that also work on a pix running 7.2?
June 13th, 2008 at 12:19 pm
@Keith – I believe so – Josh
June 14th, 2008 at 8:58 am
Thanks for your information of this trick, it works on ASA-7.2.4 successfully !!
June 18th, 2008 at 7:46 am
I just ran the more command on my ASA Version 7.2(4). FYI I copied the command from your website and it didn’t work.
June 21st, 2008 at 2:47 pm
If I recall correctly, the ASDM also gives up the information. At least on the versions I have played with. In any case, there may be more uses for this. Great information.
June 26th, 2008 at 1:56 pm
how do I encrypt back the passwords?
July 10th, 2008 at 1:58 am
So simple!
July 10th, 2008 at 1:59 am
Paul, you’re right. I use ASDM 5.2 and it definitely shows the keys.
July 13th, 2008 at 1:32 am
@Paul and @Jake,
I don’t use ASDM that often, this is good to know! Thanks for sharing.
Josh
July 16th, 2008 at 12:39 pm
Excellent tip!!! Works like a charm! Thank you!
July 17th, 2008 at 4:47 am
Yes, was handy that ASDM5 showed them, but now hidden in ASDM6. But doesn’t matter now with this tip
August 3rd, 2008 at 3:04 pm
does it work to see the encrypted information also? for example if i want to see the password or the vpn users…
August 3rd, 2008 at 4:17 pm
andres,
Yes.
Josh
August 22nd, 2008 at 11:40 pm
Another way to get unencrypted keys is to go to the /admin/config page with a web browser. This works for 7.x and 8.x. On a Pix running 6.x, go to /config.
September 5th, 2009 at 3:01 pm
open the link below to see how to do the same thing on Cisco routers
http://www.ciscoccnabootcamp.com/index.php/cisco-ccna-640-802-security/46-decrypt-the-enable-password.