Discovering secret OSPF information on Cisco routers – part 2

Added by Mark Jacob, March 31, 2014

In a previous blog, I discussed OSPF authentication. In that blog, I covered the configuration of simple password protection. At the end of that blog I mentioned that the password when using this method is sent across the wire in clear text. Let us use that fact to our advantage as we delve into part two of discovering secret OSPF information in Cisco routers. Part 1 covered how to obtain the area ID from a neighboring router. This blog will explore the ease with which a simple password can be pulled off the wire, without so much as a packet sniffer in sight. Let’s begin by observing the network diagram.

[Image: network diagram]

LEFT router has simple password authentication configured on F0/0. The objective is to log in to the console of RIGHT router and determine the password in use, configure our side to match, and create an adjacency between the two routers. We will have administrative power on RIGHT, but we are not permitted to access LEFT router. Let’s begin.

First, let’s see how close we are to success in our current configuration.

[Screenshot: current configuration]

So we are already running OSPF – that’s one less thing to cross off our list. Let’s check the status of this OSPF process.

[Screenshot: OSPF status output]

One of the pieces of information that was given to us is that LEFT router is already running simple (plain-text) authentication. We see from the above output that RIGHT router is not participating in authentication and the status is Inactive. Let’s see what it takes to snag that secret password while accessing only RIGHT router. The first step is to configure an extended access-list that watches for the information we want, which is hello packets (addressed to the multicast address 224.0.0.5). It looks like this:

[Screenshot: extended access-list configuration]

Now to craft the debug command which will expose the information we seek. The command is: debug ip packet detail 150 dump

[Screenshot: debug ip packet output]

Focus your attention on the received (rcvd) hello packet. Within the raw dump to the screen is the plain-text password we seek. (It is on two lines, so follow the word-wrap to get it all.) We believe the password is secretid. Let’s try configuring it on our side. If it is correct, our neighbor relationship should spring up shortly after we configure it.

[Screenshot: password configuration on RIGHT]

How about that? No Wireshark and we captured everything we needed to get our router to speak the correct password on its OSPF interface. Not so difficult at all. It also shows the importance of avoiding plain-text password authentication and using the stronger MD5 option supported by OSPF.
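Why the password is readable in the dump, and why the MD5 option is not exposed the same way, comes down to the layout of the 24-byte OSPFv2 header. The following is an added example, not part of the original post: a small audit function that decodes that header from raw packet bytes and reports which authentication type is in use. The packet bytes, router ID 1.1.1.1, area 0 and key ID 1 are constructed sample values; only the password secretid comes from the post.

```python
import ipaddress
import struct

AUTYPES = {0: "null", 1: "simple password", 2: "cryptographic"}

def audit_ospf_auth(ip_packet: bytes) -> dict:
    """Decode the IPv4 + OSPFv2 header and report what the Authentication field exposes."""
    if len(ip_packet) < 20 or ip_packet[0] >> 4 != 4 or ip_packet[9] != 89:
        raise ValueError("not an IPv4 packet carrying OSPF (protocol 89)")
    ihl = (ip_packet[0] & 0x0F) * 4          # IP header length in bytes
    ospf = ip_packet[ihl:ihl + 24]           # fixed 24-byte OSPFv2 header
    if len(ospf) < 24:
        raise ValueError("truncated OSPF header")
    # version, type, length, router ID, area ID, checksum, AuType, Authentication
    ver, ptype, _len, rid, area, _ck, autype, auth = struct.unpack("!BBH4s4sHH8s", ospf)
    if ver != 2:
        raise ValueError("not OSPFv2")
    report = {
        "router_id": str(ipaddress.IPv4Address(rid)),
        "area_id": str(ipaddress.IPv4Address(area)),
        "is_hello": ptype == 1,
        "autype": AUTYPES.get(autype, f"unknown ({autype})"),
        "cleartext_key": None,
    }
    if autype == 1:
        # Simple password: the 8-byte field IS the key, zero-padded, unencrypted.
        report["cleartext_key"] = auth.rstrip(b"\x00").decode("ascii", "replace")
    elif autype == 2:
        # Cryptographic: field holds 0, key ID, digest length, sequence number only.
        report["key_id"], report["digest_len"] = auth[2], auth[3]
    return report

# Constructed sample: hello from 10.0.0.1 to 224.0.0.5, router ID 1.1.1.1, area 0.
# Checksums are zeroed because this audit does not verify them.
SAMPLE_SIMPLE = bytes.fromhex("".join("""
    45c00040 00010000 01590000 0a000001 e0000005
    0201002c 01010101 00000000 0000 0001 7365637265746964
    ffffff00 000a1201 00000028 00000000 00000000
""".split()))
# Same packet re-keyed as AuType 2: key ID 1, 16-byte digest appended after the packet.
SAMPLE_MD5 = (SAMPLE_SIMPLE[:34] + bytes.fromhex("0002000001100000002a")
              + SAMPLE_SIMPLE[44:] + bytes(16))

if __name__ == "__main__":
    for name, pkt in (("simple", SAMPLE_SIMPLE), ("md5", SAMPLE_MD5)):
        print(name, audit_ospf_auth(pkt))
```

Any interface whose hellos report AuType 1 is a candidate for migration to message-digest authentication, since the key on that segment is visible to every device that can receive the multicast.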

Some of the debug tricks are pretty cool and occasionally can come in handy on your certification exams by allowing you to extract seemingly secret information. Just think, someday you can be a great debugger! While that may not sound so impressive, the result most certainly is!

Until next time, debug away…when it is safe to do so, of course.

Mark Jacob
Cisco Instructor – Interface Technical Training
Phoenix, AZ
