Mailing List Archive

Decode $9$ encrypted Junos secrets
Greetings,

Threw this together a few days ago to recover $9$ encrypted Junos
passwords (RADIUS secrets, BGP MD5's, etc.).

It is ported from this Perl library:

http://cpansearch.perl.org/src/KBRINT/Crypt-Juniper-0.02/lib/Crypt/Juniper.pm

to a Python 2.7 script:

https://github.com/mhite/junosdecode

Remember to escape your $'s on the CLI when launching the script:

$ ./junosdecode.py \$9\$U-iqf36A1cSTzRSreXxDik.Tzn/CuBI
junos password decrypter
python version by matt hite
original perl version by kevin brintnall

encrypted version: $9$U-iqf36A1cSTzRSreXxDik.Tzn/CuBI
decrypted version: ju&iper123

Thanks,

-M
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: Decode $9$ encrypted Junos secrets
Thanks Matt,

This is a good tool.

Best regards,

---
David


On Mon, Mar 19, 2012 at 4:23 PM, Matt Hite <lists@beatmixed.com> wrote:

> Greetings,
>
> Threw this together a few days ago to recover $9$ encrypted Junos
> passwords (RADIUS secrets, BGP MD5's, etc.).
>
> It is ported from this Perl library:
>
>
> http://cpansearch.perl.org/src/KBRINT/Crypt-Juniper-0.02/lib/Crypt/Juniper.pm
>
> to a Python 2.7 script:
>
> https://github.com/mhite/junosdecode
>
> Remember to escape your $'s on the CLI when launching the script:
>
> $ ./junosdecode.py \$9\$U-iqf36A1cSTzRSreXxDik.Tzn/CuBI
> junos password decrypter
> python version by matt hite
> original perl version by kevin brintnall
>
> encrypted version: $9$U-iqf36A1cSTzRSreXxDik.Tzn/CuBI
> decrypted version: ju&iper123
>
> Thanks,
>
> -M
Re: Decode $9$ encrypted Junos secrets
No problem -- glad to share.

It's interesting to note just how many things are stored in $9$
encrypted format: RADIUS secrets, IS-IS authentication keys, BGP MD5
secrets, etc.

-M

On Mon, Mar 19, 2012 at 2:51 PM, David Lockuan <dlockuan@gmail.com> wrote:
> Thanks Matt,
>
> This is a good tool.
>
> Best regards,
>
> ---
> David
>
>
> On Mon, Mar 19, 2012 at 4:23 PM, Matt Hite <lists@beatmixed.com> wrote:
>>
>> Greetings,
>>
>> Threw this together a few days ago to recover $9$ encrypted Junos
>> passwords (RADIUS secrets, BGP MD5's, etc.).
>>
>> It is ported from this Perl library:
>>
>>
>> http://cpansearch.perl.org/src/KBRINT/Crypt-Juniper-0.02/lib/Crypt/Juniper.pm
>>
>> to a Python 2.7 script:
>>
>> https://github.com/mhite/junosdecode
>>
>> Remember to escape your $'s on the CLI when launching the script:
>>
>> $ ./junosdecode.py \$9\$U-iqf36A1cSTzRSreXxDik.Tzn/CuBI
>> junos password decrypter
>> python version by matt hite
>> original perl version by kevin brintnall
>>
>> encrypted version: $9$U-iqf36A1cSTzRSreXxDik.Tzn/CuBI
>> decrypted version: ju&iper123
>>
>> Thanks,
>>
>> -M
Re: Decode $9$ encrypted Junos secrets
Matt Hite writes:
>It's interesting to note just how many things are stored in $9$
>encrypted format: RADIUS secrets, IS-IS authentication keys, BGP MD5
>secrets, etc.

It's really obfuscation, not encryption. These are values that
have to be available in raw form to various software components.
So we have this "unreadable" type that obfuscates the values so
someone looking over your shoulder won't immediately know your
secrets.

In contrast, user passwords are encrypted in a "one way" method
using the normal md5 hash marker ("$1$"). These cannot be
reversed like the $9$ values.

Thanks,
Phil
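
The distinction drawn in the message above, applied as an audit of a configuration export (an added example, not part of the original thread or of the junosdecode project): it walks the hierarchy and reports which stored secrets carry the reversible `$9$` marker and which carry the one-way `$1$` marker, without printing the values. The sample configuration is constructed, the `$9$` string is the one quoted in the thread, and the function names are hypothetical.

```python
import re

# Constructed Junos configuration export. The $1$ value is a made-up
# placeholder; the $9$ string is the example quoted in the thread.
SAMPLE_CONFIG = r'''
system {
    root-authentication {
        encrypted-password "$1$constructed$0000000000000000000000"; ## SECRET-DATA
    }
    radius-server {
        192.0.2.10 secret "$9$U-iqf36A1cSTzRSreXxDik.Tzn/CuBI"; ## SECRET-DATA
    }
}
protocols {
    bgp {
        group peers {
            authentication-key "$9$U-iqf36A1cSTzRSreXxDik.Tzn/CuBI"; ## SECRET-DATA
        }
    }
}
'''

SECRET_RE = re.compile(r'"\$(\d)\$[^"]*"')
# Per the thread: $9$ is reversible obfuscation, $1$ is a one-way hash.
KINDS = {"9": "reversible", "1": "one-way"}

def audit(config_text):
    """Return (hierarchy path, marker, kind) for each stored secret."""
    path, findings = [], []
    for raw in config_text.splitlines():
        line = raw.split("##", 1)[0].strip()   # drop trailing annotations
        if line.endswith("{"):
            path.append(line[:-1].strip())      # entering a hierarchy level
        elif line == "}":
            if path:
                path.pop()                      # leaving a hierarchy level
        else:
            m = SECRET_RE.search(line)
            if m:
                where = " ".join(path + [line[:m.start()].strip()])
                findings.append((where, "$%s$" % m.group(1), KINDS.get(m.group(1), "unknown")))
    return findings

def reversible_paths(config_text):
    """Statements whose secret can be recovered from the config text alone."""
    return [where for where, _, kind in audit(config_text) if kind == "reversible"]

if __name__ == "__main__":
    for where, marker, kind in audit(SAMPLE_CONFIG):
        print("%-50s %s %s" % (where, marker, kind))
```

Any export that lists reversible entries should be handled as if it contained those secrets in the clear.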
Re: Decode $9$ encrypted Junos secrets
On Tue, Mar 20, 2012 at 10:54 AM, Phil Shafer <phil@juniper.net> wrote:
> Matt Hite writes:
>>It's interesting to note just how many things are stored in $9$
>>encrypted format: RADIUS secrets, IS-IS authentication keys, BGP MD5
>>secrets, etc.
>
> It's really obfuscation, not encryption.  These are values that
> have to be available in raw form to various software components.
> So we have this "unreadable" type that obfuscates the values so
> someone looking over your shoulder won't immediately know your
> secrets.
>
> In contrast, user passwords are encrypted in a "one way" method
> using the normal md5 hash marker ("$1$").   These cannot be
> reversed like the $9$ values.

Absolutely. Your clarification is appreciated.

-M

Re: Decode $9$ encrypted Junos secrets
For one-way hash:

http://www.openwall.com/john/

Matt Hite [lists@beatmixed.com] wrote:
> On Tue, Mar 20, 2012 at 10:54 AM, Phil Shafer <phil@juniper.net> wrote:
> > Matt Hite writes:
> >>It's interesting to note just how many things are stored in $9$
> >>encrypted format: RADIUS secrets, IS-IS authentication keys, BGP MD5
> >>secrets, etc.
> >
> > It's really obfuscation, not encryption. These are values that
> > have to be available in raw form to various software components.
> > So we have this "unreadable" type that obfuscates the values so
> > someone looking over your shoulder won't immediately know your
> > secrets.
> >
> > In contrast, user passwords are encrypted in a "one way" method
> > using the normal md5 hash marker ("$1$"). These cannot be
> > reversed like the $9$ values.
>
> Absolutely. Your clarification is appreciated.
>
> -M
>

--
The language of the totalist environment is characterized by the thought-terminating cliche. The most far-reaching and complex of human problems are compressed into brief, highly reductive, definitive-sounding phrases, easily memorized and easily expressed. These become the start and finish of any ideological analysis. - Robert Jay Lifton