27158 total geeks with 3531 solutions
Recent challengers:
 Welcome, you are an anonymous user! [register] [login] Get a yourname@osix.net email address 

Articles

GEEK

User's box
Username:
Password:

Forgot password?
New account

Shoutbox
timsattemme
[b][url=http ://www.tiffa nysfans.com/ ]tiff<strong ><a href="http:/ /www.tiffany sfans.com/"> tiffany jewelry</a>< /strong> <br > <strong><a href="http:/ /www.tiffany sfans.com/"> tiffany & co</a></stro ng> <br>
timsattemme
[b][url=http ://www.topwa tchesmart.co m/]swiss repl<strong> <a href="http:/ /www.topwatc hesmart.com/ ">swiss replica watches aaa+</a></st rong> <br> <strong><a href="http:/ /www.topwatc hesmart.com/ ">swiss replica watches</a>< /strong> <br >
timsattemme
<strong><a href="http:/ /www.topwatc hesmart.com/ ">high quality replica watches for men</a></str ong> | <strong><a href="http:/ /www.topwatc hesmart.com/ ">watches</a ></strong> | <strong><a href="http:/ /www.topwatc hesmart.com/ ">swiss Mechanical movement repli
omentomikel
[b][url=http ://www.cchof .net/]ray ban[/url][/b ] [b][url=ht tp://www.cch of.net/]ray ban outlet[/url] [/b] [b]<a href="http:/ /www.cchof.n et/">ray ban outlet stores</a>[/ b] [b][url=http ://www.cchof .net/]ray-ba n sunglasses[/ url][/b] [b]<a href="http:/ /w
omentomikel
[b][url=http ://www.chris tianloubouti nprice.com/] christian louboutin[/u rl][/b] [b][ url=http://w ww.christian louboutinpri ce.com/]chri stian louboutin shoes[/url<s trong><a href="http:/ /www.christi anlouboutinp rice.com/">c hristian louboutin</a ></strong> < strong>

Donate
Donate and help us fund new challenges
Donate!
Due Date: Nov 30
November Goal: $40.00
Gross: $0.00
Net Balance: $0.00
Left to go: $40.00
Contributors


News Feeds
The Register
title="Bastard
Operator from
Hell">BOFH:
WHERE did this
"fax-enabled"
"It is comforting
to know where your
data centres are."
UK.GOV does NOT
I need a password
to BRAKE? What? No!
STOP! Aaaargh!
Leaked screenshots
show next Windows
kernel to be a
perfect 10
HP boss Meg Whitman
shuffles exec pawns
just before biz
splits
Judge OKs $450m
deal to end ebook
price-hike row. And
Apple just won"t
let it die
Mozilla remembers
2013, back when it
still gobbled at
the Google
money-trough
Europe may ask Herr
Google: Would you
snap off your
search engine?
First in line to
order a Nexus 6?
AT&T has a
BRICK for you
Amazon warming up
"cheapo web video"
cannon to sink
Netflix
Slashdot
Critical XSS Flaws
Patched In
WordPress and
Popular Plug-In
Startup Assembly
Banks On Paid,
Open-Source Style
Development
Another Hint For
Kryptos
Mozilla"s 2013
Report: Revenue Up
1% To $314M; 90%
From Google
Molecular Clusters
That Can Retain
Charge Could
Revolutionize
Computer Memory
The EU Has a Plan
To Break Up Google
Top NSA Official
Raised Alarm About
Metadata Program In
2009
Obama"s Immigration
Order To Give Tech
Industry Some,
Leave "Em Wanting
More
CERN Releases LHC
Data
Harvard Scientists
Say It"s Time To
Start Thinking
About Engineering
the Climate
Article viewer

How to Reset The Admin Password On A Cisco Router



Written by:rapture
Published by:Nightscript
Published on:2004-12-16 11:34:33
Topic:Networking
Search OSI about Networking.More articles by rapture.
 viewed 86961 times send this article printer friendly

Digg this!
    Rate this article :
This guide describes the procedure for recovering an enable password or enable secret passwords.

These passwords are used to protect access to privileged EXEC and configuration modes.
The enable password password can be recovered but the enable secret password is encrypted and can only be replaced with a new password.

How to Reset The Admin Password On A Cisco Router (Local)
By Rapture

This is the first in my series of guides to cisco routers.
Cisco border routers are what seperates the internal network from the internet.
It is important to understand how they work, because an insecure border router means an insecure network.
Please email me any ideas about cisco related guides you would like to read about, my next article will be a guide to hardening the security of Cisco routers.

Introduction

This guide describes the procedure for recovering an enable password or enable secret passwords.
These passwords are used to protect access to privileged EXEC and configuration modes.
The enable password password can be recovered but the enable secret password is encrypted and can only be replaced with a new password.

Requirements

Physical access to the router
Basic cisco experience
PC with hyperterminal
RJ-45 rollover cable

Step-by-Step Procedure

1. Attach a terminal or PC with terminal emulation (such as hyperterminal) to the console port of the router.

Use the following terminal settings:

- 9600 baud rate
- No parity
- 8 data bits
- 1 stop bit
- No flow control

For additional information on cabling and connecting a terminal to the console port or the AUX port, refer to the following documents

Cabling Guide for Console and AUX Ports on Cisco Routers - http://www.cisco.com/warp/public/701/14.html

2. Using the power switch, turn off the router and then turn it back on.

3. Press Break on the terminal keyboard within 60 seconds of the power-up to put the router into ROMMON

Example:

*** System received an abort due to Break Key ***

signal= 0x3, code= 0x500, context= 0x813ac158
PC = 0x802d0b60, Vector = 0x500, SP = 0x80006030
rommon 1 >

4. Type confreg 0x2142 at the rommon 1> prompt to boot from Flash without loading the configuration.

Example:

rommon 1 > confreg 0x2142

You must reset or power cycle for new config to take effect

5. Type reset at the rommon 2> prompt.

The router reboots but ignores its saved configuration.

6. Type no after each setup question or press Ctrl-C to skip the initial setup procedure.

Example:

--- System Configuration Dialog ---

Would you like to enter the initial configuration dialog? [yes/no]: n

Press RETURN to get started!

7. Type enable at the Router> prompt.

You'll be in enable mode and see the Router# prompt.

Example:

Router>enable
Router#

8. Type copy startup-config running-config to copy the nonvolatile RAM (NVRAM) into memory.

Example:

Router#copy startup-config running-config
Destination filename [running-config]?
1324 bytes copied in 2.35 secs (662 bytes/sec)
Router#
00:01:24: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0/0:1,
changed state to down
00:01:24: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0/0:2,
changed state to down

9. Type show running-config.

The show running-config command shows the configuration of the router. In this configuration you see under all the interfaces the shutdown command, which means all interfaces are currently shutdown. Also, you can see the passwords (enable password, enable secret, vty, console passwords, and so on) either in encrypted or unencrypted format. The unencrypted passwords can be re-used, the encrypted ones will have to be changed with a new one.

10. Type configure terminal and to make the changes.

The prompt is now hostname(config)#.

11. Type enable secret <password> to change the enable secret password.

Example:

Router(config)#enable secret cisco


12. Issue the no shutdown command on every interface that is used.

(To find out what interfaces are available, issue a "show ip interface brief" command)

Example :

Router(config)#show ip interface brief

Interface IP-Address OK? Method Status Protocol
Ethernet0/0 10.200.40.37 YES TFTP administratively down down
Serial0/0 unassigned YES TFTP administratively down down
BRI0/0 193.251.121.157 YES unset administratively down down
BRI0/0:1 unassigned YES unset administratively down down
BRI0/0:2 unassigned YES unset administratively down down
Ethernet0/1 unassigned YES TFTP administratively down down
Serial0/1 unassigned YES TFTP administratively down down
Loopback0 193.251.121.157 YES TFTP up up

Router(config)#interface Ethernet0/0
Router(config-if)#no shutdown
Router(config-if)#
00:02:14: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up
00:02:15: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0,
changed state to up
Router(config-if)#interface BRI0/0
Router(config-if)#no shutdown
Router(config-if)#
00:02:26: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to down
00:02:26: %LINK-3-UPDOWN: Interface BRI0/0:2, changed state to down
00:02:26: %LINK-3-UPDOWN: Interface BRI0/0, changed state to up
00:02:115964116991: %ISDN-6-LAYER2UP: Layer 2 for Interface BR0/0,
TEI 68 changed to up
Router(config-if)#^Z <------ Control + Z
Router#
00:02:35: %SYS-5-CONFIG_I: Configured from console by console

Now check the interfaces are all up (hint: show ip interface brief)


13. Enter config mode and type config-register 0x2102, this will reset the config register to boot from your saved configuration file (with all your new passwords)

Router#configure terminal
Router(config)#config-register 0x02102

14. Press Ctrl-z or end to leave the configuration mode.

The prompt is now hostname#.

15. Type copy running-config startup-config to save the changes.

Your done! Restart the router and login

Rapture

Email : rapture_uidzero@hotmail.com
CMS : rapture




Did you like this article? There are hundreds more.

Comments:
zethyr
2004-12-23 16:55:14
Good work :) I'm looking forwards to testing this on some kind of cisco-router I may find.
Detailed and good work, so anybody can do it without much basic knowledge.
Anonymous
2008-10-15 17:11:15
I agree with TroPe ... this author has taken the time to write out a most frequently used procedure (especially if you are teaching CCNA and such)
Anonymous
2008-11-07 15:05:09
Thanks, this worked.

Chris NYC
Anonymous
2008-12-03 14:02:35
Thanks alot :) Works every time! ;p
Anonymous
2008-12-08 04:21:02
This is great information. Just got my 2600 and this solved my password issue. Bought used and now I can begin my training! Thanks, Ryan
Anonymous
2008-12-16 00:51:53
Excellent! Thanks for the heads-up!
Anonymous
2009-01-04 18:41:15
Thanks m8. It does work!!!
Anonymous
2009-02-26 19:17:52
Thanks a lot man!

Worked great for me on three different Cisco router models!
Anonymous
2009-05-21 17:11:32
awesome... Just add how to nuke the config after you wipe the enable secret.
Anonymous
2010-02-11 10:57:43
how to reset my cisco password if i forgot from remote location cisco 1800 series
Anonymous
2010-03-09 18:58:47
Work like a charm on a Cisco 2600 Series -

Thanks Rapture!
Anonymous
2010-12-10 09:27:43
Thanks a lot and God Bless u
Anonymously add a comment: (or register here)
(registration is really fast and we send you no spam)
BB Code is enabled.
Captcha Number:


Blogs: (People who have posted blogs on this subject..)
everyMan
Blog entry for Thu 1st Feb 1am on Thu 1st Feb 2am
I need to write "run.pl" that calls expect script. the expect will the take the user and pass given in run.pl and telnet to another device.

Test Yourself: (why not try testing your skill on this subject? Clicking the link will start the test.)
Hubs / Switches & Cable Wires/Wireless by DocHoliday

This test is revolved around networking with hubs and of course switches in which are performed to create a network route.
Beginning Networking by truthseeker

Basic, beginning networking test. Covers a little of everything, protocols, hardware, OSI model, etc.
Networking by emmanuelmalanda

simple exercise to test one's knowledge on various networking aspects
Various Networking (part 2) by think12

Started as a Ethernet based test, but... It grew a mind of its own
Various Networking (pt1) by think12

Mainly protocols


     
Your Ad Here
 
Copyright Open Source Institute, 2006