Cisco Pix & ASA - Sunday, July 20, 2008 12:56
Recover password from a PIX firewall
Recovering password from Cisco PIX firewall
Password recovery on Cisco PIX firewalls differs depending on whether the PIX has a floppy drive. To recover a password from a Cisco PIX firewall, you will need about ten minutes of downtime and the items from the list below. Once you have these items, follow one of the procedures below to recover the password.
PIX Lockout Utility (which includes the following)
np70.bin (7.x and 8.0 release)
np63.bin (6.3 release)
np62.bin (6.2 release)
np61.bin (6.1 release)
np60.bin (6.0 release)
np53.bin (5.3 release)
np52.bin (5.2 release)
np51.bin (5.1 release)
np50.bin (5.0 release)
np44.bin (4.4 release)
nppix.bin (4.3 and earlier releases)
rewrite.exe (needed only for PIX machines with a floppy drive)
TFTP Server Software (needed only for PIX machines without a floppy drive). TFTP server software is no longer available from Cisco.com, but you can find many TFTP servers by searching for “tftp server” on the Internet. Cisco does not specifically recommend any particular TFTP implementation.
Method One – With a Floppy Drive:
1. Load the rewrite.exe file.
2. Follow the on-screen directions and answer all questions using the correct password recovery file.
3. Connect a serial terminal to the PIX console port.
A. A PC with terminal emulation software can be used instead.
4. Verify that you have a connection with the PIX and that characters are sent between the terminal and the PIX.
A. If you are locked out, you will only see a password prompt.
5. Insert the PIX Password Lockout Utility disk into the drive.
6. Push the Reset button on the front of the PIX. The PIX reboots and you should see this message:
Erasing Flash Password. Please eject diskette and reboot.
7. Eject the disk and press the Reset button.
8. When prompted for a password, press [enter].
9. The default password at this point is “Cisco” with no default enable password.
10. In configuration mode, type the command password <password>.
11. Type enable password <password>.
12. Save this configuration. You have now set the Telnet and enable passwords.
Method Two – Without a Floppy Drive:
1. Follow steps One and Two from Method One.
2. Power on the firewall and, at the startup message, press the [esc] key.
3. Type monitor> interface. For floppiless PIXes, the monitor command defaults to the inside interface.
4. Type monitor>address and specify the IP address of the PIX Firewall’s interface.
5. Type monitor>server and specify the IP address of the remote TFTP server containing the PIX password recovery file.
6. Type monitor>file and specify the filename of the PIX password recovery file.
7. Type monitor>gateway
A. Specify the IP address of a router gateway through which the server is accessible.
8. Type monitor>tftp and start the download.
9. Press [y] when asked to erase passwords.
10. Now follow steps 8 to 12 from Method One.
Article written by MyComputerAid.com