The break key sequence in the password recovery
What can I do if I forgot the password in my router? The fastest solution is replace it with the ‘password recovery‘ (you can try to find the password with bruteforce attack but I think it is not the better solution..).
During the password recovery procedure, it is fundamental sent the correct ‘Break’ key sequence to enable ROMMON, but, as you know, the ‘break’ sequence depends by the software that you use!
Below the standard break key sequence combinations for the most common operating systems.
|Software||Platform||Operating System||Try This|
|Hyperterminal||IBM Compatible||Windows XP||Ctrl-Break|
|Hyperterminal||IBM Compatible||Windows 2000||Ctrl-Break|
|Hyperterminal||IBM Compatible||Windows 98||Ctrl-Break|
|Hyperterminal (version 595160)||IBM Compatible||Windows 95||Ctrl-F6-Break|
|MicroPhone Pro||IBM Compatible||Windows||Ctrl-Break|
|Minicom||IBM Compatible||Linux||Ctrl-a f|
|ProComm Plus||IBM Compatible||DOS or Windows||Alt-b|
|Telnet||N/A||N/A||Ctrl-], then type ‘send brk’|
|Telnet to Cisco||IBM Compatible||N/A||Ctrl-]|
|Tip||Sun Workstation||UNIX||Ctrl-], then Break or Ctrl-c|
|VT 100 Emulation||Data General||N/A||F16|
|Windows NT||IBM Compatible||Windows||Break-F5|
|Shift-6 Shift-4 Shift-b (^$B)|
|N/A||Break-Out Box||N/A||Connect pin 2 (X-mit) to +V for half a second|
|Cisco to aux port||N/A||Control-Shft-6, then b|
What can I do if I have tried all these sequence and nothing happens? It’s easy! You can simulate the ‘break’ key!
Break key sequence simulation is useful if your terminal emulator does not support the break key, or if a bug does not allow your terminal emulator to send the correct signal.
Complete these steps to simulate a break key sequence:
- Connect to the router with these terminal settings:
- 1200 baud rate
- No parity
- 8 data bits
- 1 stop bit
- No flow control
- You no longer see any output on your screen, and this is normal.
- Power cycle (switch off and then on) the router and press the SPACEBAR for 10-15 seconds in order to generate a signal similar to the break sequence.
- Disconnect your terminal, and reconnect with a 9600 baud rate. You enter the ROM Monitor mode.
Remember: The Electronic Industries Association leavingcisco.com RS-232 logic level uses +3 to +25 volts to signify a Space (Logic 0) and -3 to -25 volts for a Mark (logic 1). A break signal is when the data line remains in the space condition for a specified duration, usually 100 ms to ½ second. All characters begin with a start bit and end with a stop bit (and also a parity bit or two). The level condition of the start and stop bits is always opposite. So, no character combination can look like the break signal.
Remember: In some cases, the break sequence might not get transmitted properly when using a USB/Serial converter cable. In such cases, use a keyboard with a different connector port (for example, a PS/2).
Enter your email address to receive notifications of new posts.