Recover password from a PIX firewall

Written by on Sunday, July 20, 2008 12:56 - 0 Comments

Recovering password from Cisco PIX firewall

Password recovery on Cisco PIX firewalls differs depending on whether a floppy drive is present or not. To recover a password from a Cisco PIX firewall, you will need about ten minutes of downtime and the items from the list below. Once these items are obtained one of the procedures below can be followed to recover a password.

PIX Lockout Utility (which includes the following)
np70.bin (7.x and 8.0 release)
np63.bin (6.3 release)
np62.bin (6.2 release)
np61.bin (6.1 release)
np60.bin (6.0 release)
np53.bin (5.3 release)
np52.bin (5.2 release)
np51.bin (5.1 release)
np50.bin (5.0 release)
np44.bin (4.4 release)
nppix.bin (4.3 and earlier releases)
rewrite.exe (needed only for PIX machines with a floppy drive)
TFTP Server Software (needed only for PIX machines without a floppy drive) TFTP server software is no longer available from, but you can find many TFTP servers by searching for “tftp server” on the Internet. Cisco does not specifically recommend any particular TFTP implementation.

Method One – With a Floppy Drive:
1. Load the rewrite.exe file.
2. Follow the on screen directions and answer all questions using the correct password recovery file.
3. On PIX console port, install a serial terminal.
A. Or a PC with terminal emulation software.
4. Verify a connection with the PIX, and characters are sent between the terminal and the PIX
A. If you are locked out, you will only see a password prompt.
5. Insert the PIX Password Lockout Utility disk into the drive.
6. Push the Reset button on the front of the PIX. The PIX reboots and you should see this message:
Erasing Flash Password. Please eject diskette and reboot.
7. Eject the disk and press the Reset button.
8. When prompted for a password press [enter].
9. The default password at this point is “Cisco” with no default enable password.
10. In configuration mode, type the following command password <password> .
11. Type in enable password <password>.
12. Save this configuration, you have now set the Telnet and enable passwords.

Method Two – Without a Floppy Drive:
1. Follow steps One and Two from Method One.
2. Power on the firewall at the startup message press the [esc] key.
3. Type monitor> interface for floppiless PIXes the monitor command defaults to the inside interface.
4. Type monitor>address and specify the IP address of the PIX Firewall’s interface.
5. Type monitor>server and specify the IP address of the remote TFTP server containing the PIX
password recovery file.
6. Type monitor>file and specify the filename of the PIX password recovery file.
7. Type monitor>gateway
A. specify the IP address of a router gateway through which the server is accessible.
8. Type monitor>tftp and start the download.
9. Press [y] when asked to erase passwords.
10. Now follow steps 8 to 12 from the first Method. ')}

Article written by

Leave a Reply

You must be logged in to post a comment.

2003 server - Sep 30, 2008 22:34 - 0 Comments

instant messaging srv records

More In Computers & PC

Microsoft Outlook - Mar 22, 2009 11:22 - 0 Comments

Outlook: Duplicates in Mailbox

More In Computers & PC