There are many tools to decrypt Cisco type-7 password, based on Vigenere algorithm. But, what can we do if we can not use these software? The Cisco-IOS method might not be new to some, but those that don’t know about it will find it useful.
Suppose you would decrypt these string:
username cisco password 7 0718365B000A1016141D11050A2F6527273E username fabio password 7 0110140558004B0224014600110C
To find the password, you can use the Cisco Key Chain:
Ciscozine(config)#key chain test Ciscozine(config-keychain)#key 1 Ciscozine(config-keychain-key)#key-string 7 0718365B000A1016141D11050A2F6527273E Ciscozine(config-keychain)#key 2 Ciscozine(config-keychain-key)#key-string 7 0110140558004B0224014600110C
The “show key chain” command displays the password configured in a key chain in cleartext even when the same password is stored as type-7 obfuscated password in the router configuration!
Ciscozine#show key chain
Key-chain test:
key 1 -- text "www.ciscozine.com"
accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]
key 2 -- text "crack-me-hihi"
accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]
Ciscozine#
Remember: The Key Chain feature is used to add more security (key, lifetime, …) to RipV2, IGRP, EIGRP and DRP Server Agent, but could also be useful to decrypt type-7 password!