MD5 Hash V Level 7

I was watching Chris Bryants Train Signal videos and he mentions in one of them that level 7 encryption used by the service encryption command is stronger than MD5 hash. I believe that isn't true because an MD5 is 128 bit and one way. It is impossible to reverse engineer it.At least thats what my security+ studies taught me.
can anyone confirm this.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

ipSpace

If you are refering to type 7 password encryption then you are correct. MD5 is much better.

MD5 cannot be reversed engineered, but there is something called rainbow tables, that can make it really easy to hack.

Rainbow table - Wikipedia, the free encyclopedia
Free Rainbow Tables » Distributed Rainbow Table Generation » LM, NTLM, MD5, SHA1, HALFLMCHALL, MSCACHE

BrizoH

Does he really say that? I'd be surprised, the algorithm used for type 7 is very easily reversed

lrb

And here's an even cooler way to grab the type 7 passwords without having a tool to do it:

down-rt(config)#service password-encryption
down-rt(config)#username techexams password techexams.com
down-rt(config)#exit
down-rt#sh run | i username
username techexams password 7 09584B0A11000F13061F4A292429
down-rt#conf t
Enter configuration commands, one per line. End with CNTL/Z.
down-rt(config)#key cha
down-rt(config)#key chain techexams
down-rt(config-keychain)#key 1
down-rt(config-keychain-key)#key
down-rt(config-keychain-key)#key-string 7 09584B0A11000F13061F4A292429
down-rt(config-keychain-key)#end
down-rt#
*Mar 1 00:02:17.371: %SYS-5-CONFIG_I: Configured from console by console
down-rt#sh run | i username
username techexams password 7 09584B0A11000F13061F4A292429
down-rt#sh key c
down-rt#sh key chain
Key-chain techexams:
key 1 -- text "techexams.com"
accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]

BrizoH

lrb wrote: »

And here's an even cooler way to grab the type 7 passwords without having a tool to do it:

down-rt(config)#service password-encryption
down-rt(config)#username techexams password techexams.com
down-rt(config)#exit
down-rt#sh run | i username
username techexams password 7 09584B0A11000F13061F4A292429
down-rt#conf t
Enter configuration commands, one per line. End with CNTL/Z.
down-rt(config)#key cha
down-rt(config)#key chain techexams
down-rt(config-keychain)#key 1
down-rt(config-keychain-key)#key
down-rt(config-keychain-key)#key-string 7 09584B0A11000F13061F4A292429
down-rt(config-keychain-key)#end
down-rt#
*Mar 1 00:02:17.371: %SYS-5-CONFIG_I: Configured from console by console
down-rt#sh run | i username
username techexams password 7 09584B0A11000F13061F4A292429
down-rt#sh key c
down-rt#sh key chain
Key-chain techexams:
key 1 -- text "techexams.com"
accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]

Nice, I'm stealing a copy of that one

SdotLow

Google - level 7 password crack

IFM - Cisco Password Cracker

Top of the list. Saw the guy do that in the CBT nugget video when describing how useless the encryption is in the grand scheme of things.

In regards to MD5, I thought SHA1 was superior? And I was pretty sure MD5 could be cracked.

MrXpert

thanks for confirming this. I have heard of rainbow tables. I think also you can goto various password level 7 cracker websites which make the job easy.