I am trying to connect to a VPN using the Cisco VPN client built into Mac Snow Leopard. The problem is that I have only the encrypted password. I tried some web sites to decrypt the password, but it does not work. Any idea?
- If you're asking how to decrypt 512-AES, SHA-1 Hashing w/ ESP you are very mistaken on how VPNs (or encryption) work. – zetavolt Oct 01 '10 at 15:28
- He could very well be talking about the "encrypted" password located in the pcf file, which, by all accounts, is extremely trivial to crack. – GregD Nov 01 '10 at 13:31
- Yes GregD. But it is not trivial for me. – rtacconi Nov 02 '10 at 08:49
3 Answers
If you could decrypt it without a supercomputer and a few thousand years of computing cycles, that would be a serious security flaw, wouldn't it?
You might have to work on having the password changed on the host or going for the documentation of the sysadmins that set it up.

This definitely is possible.
There is a known vulnerability with the group password encryption implementation.
http://www.cisco.com/warp/public/707/cisco-sn-20040415-grppass.shtml
Here is C source code that demonstrates the vulnerability: http://www.unix-ag.uni-kl.de/~massar/soft/cisco-decrypt.c
I've successfully used this code to decrypt an encrypted group password for use with the built-in OS X 10.6 VPN client.
If some of the online tools or the source code above do not work for you then perhaps Cisco have a different implementation in the VPN implementation you're using.

If you're talking about the pcf file and its "encrypted" password, this is indeed an easy thing to do:
http://coreygilmore.com/projects/decrypt-cisco-vpn-password/
Will get you what you need. I only do this to highlight the fact that you should NOT be using pcf files for VPN access.

- Hi, yes I tried that one without any luck. I get a 'wrong password response'. – rtacconi Nov 02 '10 at 08:44
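
An added example, not part of the original thread or any poster's code: because the password stored in a pcf file is reversible, a defender can inventory which profiles still carry one. The key names are the ones the Cisco VPN client uses in .pcf profiles; the function name `audit_pcf` and the sample profile are constructed for illustration.

```python
import re

# Keys the Cisco VPN client uses for stored secrets in a .pcf profile.
# enc_* values are the reversibly "encrypted" form; the others are cleartext.
SECRET_KEYS = {
    "enc_grouppwd": "reversible group password",
    "grouppwd": "cleartext group password",
    "enc_userpassword": "reversible user password",
    "userpassword": "cleartext user password",
}

# A leading "!" marks a parameter as read-only in the profile; accept it.
LINE_RE = re.compile(r"^\s*!?\s*([A-Za-z_]+)\s*=\s*(.*?)\s*$")


def audit_pcf(text):
    """Return (line_no, key, finding) for each non-empty stored secret.

    The secret values themselves are never returned or printed.
    """
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        m = LINE_RE.match(line)
        if not m:
            continue  # section headers, blank lines, comments
        key, value = m.group(1), m.group(2)
        label = SECRET_KEYS.get(key.lower())
        if label and value:
            findings.append((line_no, key, label))
    return findings


# Constructed sample profile; the password value is a placeholder.
SAMPLE_PCF = """\
[main]
Description=Example profile
Host=vpn.example.com
AuthType=1
GroupName=staff
GroupPwd=
!enc_GroupPwd=PLACEHOLDER-NOT-A-REAL-VALUE
Username=alice
SaveUserPassword=0
UserPassword=
enc_UserPassword=
"""

if __name__ == "__main__":
    for line_no, key, label in audit_pcf(SAMPLE_PCF):
        print(f"line {line_no}: {key} holds a {label}; treat it as exposed")
```
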