Is Telnet password, Enable secret or Enable Password Safe? Quite Obviously NO!!!!

Is Telnet password, Enable secret or Enable Password Safe? Quite Obviously NO!!!!

Arshdeep Singh Arshdeep Singh

Arshdeep Singh

Network Test Developer/ Engineer at Siemens Canada | IEEE 1588 ,Time Sync, PTP Expert.

发布日期: 2020年4月2日
+ 关注
No alt text provided for this image
No alt text provided for this image

While Telnetting is one of the simplest and basic tools to gain remote access to any of the devices on the network, it can be easily cracked by ane who gains access to your network either from inside or from outside.

Telnet requires a 'line vty 0 15" password to be set on the device before another host can telnet into that device. It places the host trying to telnet to the remote host into the user mode, from where it further requires to enable password and enables secret to move into the "enable or the privilege mode". Both the line vty and the 'enable password' or 'enable secret' can be sniffed through the Wireshark.


Using Wireshark the captured packets flowing between the devices, and analyzing the packets gives us the clear unencrypted form of as depicted in the screenshots below.

For experimental purposes, I used "CCNA" as a password on "line vty " and "CCNP" as the enable secret password.

No alt text provided for this image
No alt text provided for this image



Note: This demonstration and article are just for understanding purposes, any discussions and questions are more than welcome to be discussed.

要查看或添加评论,请登录

Arshdeep Singh的更多文章

  • Fun with Revisiting MPLS basics. (Capturing labels with Wireshark)
    2020年5月23日

    Fun with Revisiting MPLS basics. (Capturing labels with Wireshark)

    Label Switching as Packet travels through the Customer Edge 1 to the Customer Edge 2. The main advantage of this MPLS…

  • Layer 2 Security? VLANs and packet analysis using WIRESHARK
    2020年5月21日

    Layer 2 Security? VLANs and packet analysis using WIRESHARK

    Yes, we have all the sophisticated firewalls working at layer 3, but what about layer 2 security? Layer 2 security, is…

  • Learning to Integrate Ubuntu in 'Network Topology'.
    2020年4月28日

    Learning to Integrate Ubuntu in 'Network Topology'.

    Integrated Ubuntu dockers into the Networking Topology and assigning Ip addresses to these machines through DHCP on R1…

  • Fun with ARP (Capturing ARP request and REPLY on WIRESHARK).
    2020年4月23日

    Fun with ARP (Capturing ARP request and REPLY on WIRESHARK).

    Capturing ARP request and ARP reply Packets on the Wireshark, when PC2 first tries to ping PC1. ? PC 2 pings the PC 1…

    2 条评论
  • 'Keys and Certificates' in the world of "Internet".
    2020年4月16日

    'Keys and Certificates' in the world of "Internet".

    In the world of computer and mobile communication, information flowing to and fro can be easily intercepted by…

  • Gratuitous ARP in action
    2020年3月27日

    Gratuitous ARP in action

    This is what happens when you try to assign the same IP address to a host, which has been already assigned to some…

  • Fun with Switches-Building Mac Table
    2020年3月16日

    Fun with Switches-Building Mac Table

    Fun with Switches- Building Mac-Address-Table An intelligent layer 2 devices called Switch has 3 decisions to make 1)…

  • Fun with Rip Request and Response packets
    2020年3月10日

    Fun with Rip Request and Response packets

    Rip has two packet types Request packet and Response packets A request packet is sent out through RIP enabled…

  • Fun with OSPF "Hello"
    2020年2月29日

    Fun with OSPF "Hello"

    One of the key parameters of how the OSPF works is through the exchange of hello packets, which works in two ways. To…

  • TCP Three Way Handshake
    2020年2月27日

    TCP Three Way Handshake

    Transmission Control Protocol (commonly known as TCP) is one of the two transport-protocols for the exchange of…

社区洞察

其他会员也浏览了