Cisco::SNMP::Password - Password Interface for Cisco Management
use Cisco::SNMP::Password;
This module is deprecated. Please use Crypt::Cisco. This will be removed from future releases.
The following methods implement the type-7 password encryption / decryption. The algorithm is freely available on the Internet on several sites; thus, I can/will NOT take credit or ANY liability for its use.
my $cm = Cisco::SNMP::Password->new();
Create a new Cisco::SNMP::Password object.
my $passwd = $cm->password_decrypt('00071A150754');
Where 00071A150754 is the encrypted Cisco password in this example.
00071A150754
my $passwd = $cm->password_encrypt('cleartext'[,# | *]); print "$_\n" for (@{$passwd});
Where cleartext is the clear text string to encrypt. The second optional argument is a number in the range of 0 - 52 inclusive or random text.
cleartext
Returns a pointer to an array constructed based on the second argument to password_encrypt.
password_encrypt
Option Description Action ------ ----------- ------- No argument provided Return all 53 possible encryptions. # Number 0-52 inclusive Return password encrypted with # index. (other) Random text Return a random password.
NOTE: Cisco routers by default only seem to use the first 16 indexes (0 - 15) to encrypt passwords. You notice this by looking at the first two characters of any type 7 encrypted password in a Cisco router configuration. However, testing on IOS 12.x and later shows that manually entering a password encrypted with a higher index (generated from this script) to a Cisco configuration will not only be allowed, but will function normally for authentication. This may be a form of "security through obscurity" given that some older Cisco password decrypters don't use the entire translation index and limit 'valid' passwords to those starting with the fist 16 indexes (0 - 15). Using passwords with an encryption index of 16 - 52 inclusive may render older Cisco password decrypters useless.
Additionally, the Cisco router command prompt seems to be limited to 254 characters, making the largest password 250 characters (254 - 4 characters for the pas (followed by space) command to enter the password).
pas
The following are inherited methods. See Cisco::SNMP for more information.
None by default.
This distribution comes with several scripts (installed to the default bin install directory) that not only demonstrate example uses but also provide functional execution.
bin
Crypt::Cisco
This software is released under the same terms as Perl itself. If you don't know what that means visit http://perl.com/.
Copyright (C) Michael Vincent 2015
http://www.VinsWorld.com
All rights reserved
To install Cisco::SNMP, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Cisco::SNMP
CPAN shell
perl -MCPAN -e shell install Cisco::SNMP
For more information on module installation, please visit the detailed CPAN module installation guide.