拿到一台PIX525,甚麼資訊也沒有,用Console Try過幾組帳密之後決定 Password Recovery。
環境確認:
- 使用PIX525 interface E0 連接至 TFTP Server 的 PC(CrossOver)
- 視 IOS 版本至Cisco網站下載抹除密碼的檔案
- TFTP Server須開啟,要上傳的檔案(nbxx.bin)須在對應的位置
Console畫面:
================================================================
monitor> interface 0
0: i8255X @ PCI(bus:0 dev:14 irq:10)
1: i8255X @ PCI(bus:0 dev:13 irq:11)
Using 0: i82557 @ PCI(bus:0 dev:14 irq:10), MAC: 0013.60xx.abcd <-須注意這一行
monitor> address 10.0.0.2
Invalid or incorrect command. Use 'help' for help.<-失敗
monitor> address 10.0.0.2
address 0.0.0.0 <-失敗
monitor> address 10.0.0.2
address 10.0.0.2 <-終於把 IP設上去
monitor> server 10.0.0.1
server 10.0.0.1 <-設定 TFTP Server的 IP
monitor> ping 10.0.0.1
Sending 5, 100-byte 0x4caa ICMP Echoes to 10.0.0.1, timeout is 4 seconds:
!!!!!
Success rate is 100 percent (5/5) <-直到出現這一行才表示網路連線 ok
monitor> file np70.bin
file np70.bin <-設定在TFTP上要上傳的檔案(TFTP Server的路徑要對應)
monitor> tftp
tftp np70.bin@10.0.0.1 via 10.0.0.1.............................................................................................................................................................................................................................................................
Received 129024 bytes
Cisco PIX Security Appliance password tool (3.0) #0: Thu Jun 9 21:45:44 PDT 2005
Initializing flashfs...
flashfs[0]: 8 files, 3 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 16128000
flashfs[0]: Bytes used: 15288832
flashfs[0]: Bytes available: 839168
flashfs[0]: Initialization complete.
Using the default startup configuration
Do you wish to erase the passwords? y/n [n]: y <-抹除密碼,最重要的目的
The following lines will be removed from the configuration:
enable password ooxxzzzedffsdfsd encrypted
passwd jijoijojjojojjo encrypted
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
Do you want to remove the commands listed above from the configuration? y/n [n]y <-確認抹除密碼並重新啟動
參考文件:
沒有留言:
張貼留言