Had a customer today who needed their Cisco IPSec VPN pre-shared key. The problem is we didn't keep that information for their VPN account (only for our own) and the password is stored encrypted on the ASA.
I can reset their PSK easily, but then the other computers that are already deployed with the existing PSK will need to be reconfigured.
The Group Name, IP and PSK are all stored in a profile file (.pcf) on computers that are already configured. The PSK is encrypted. However, the encryption used for the PSK is very easily crackable.
Here's How:
1) Locate the profile (.pcf) file for your connection entry. This should be located at C:\Program Files\Cisco Systems\VPN Client\Profiles\ENTRYNAME.pcf.
2) Open the profile with a text editor.
3) Look for the line that begins with enc_GroupPwd=
4) Grab the string of characters that follow the = sign.
5) Input the characters into the Encrypted User/Group Password: field on this website.
6) Hit decode. Use the retrieved password to setup the remaining machines.
Here is an example of the encrypted password:
enc_GroupPwd=B54080BC72B142E7F537A9A2080C940D4B953BA6AE47C952C42C60C4C0EF69D6D8FA1E3E76038450E27724D29D851301CE97DF962667FD7A
Links:
http://coreygilmore.com/projects/decrypt-cisco-vpn-password/
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment