A New Password Capture On Cisco System Devices presented at Blackhat Europe 2005

by Stephen Dugan, 101labs ,

Tags: Security

Summary : This talk will show a new way to get a password from a Cisco administrator. This technique utilizes a couple of the most basic default settings within a Cisco box. Admittedly most admins turn this particular default off, not for security reasons, just because its down right annoying. Anyone willing to bring a laptop, plug into the test lab, an act the part of an administrator will get a first hand look into how this exploit works. This exploit is relatively simple in relation to understanding Cisco devices. Anyone attending, regardless of Cisco knowledge should be able to understand how this works.