August 2009

cisco-decrypt.c

/* Decoder for password encoding of Cisco VPN client.
Copyright (C) 2005 Maurice Massar
Thanks to HAL-9000@evilscientists.de for decoding and posting the algorithm!This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/

/*
Requires libgcrypt version 1.1.90 or newer
Compile with:
gcc -Wall -o cisco-decrypt cisco-decrypt.c $(libgcrypt-config --libs --cflags)
Usage:
./cisco-decrypt DEADBEEF...012345678 424242...7261
*/

#include <stdio.h>
#include <stdlib.h>
#include <gcrypt.h>
#include <errno.h>

int hex2bin_c(unsigned int c)
{
if ((c >= '0')&&(c <= '9'))
return c - '0';
if ((c >= 'A')&&(c <= 'F'))
return c - 'A' + 10;
if ((c >= 'a')&&(c <= 'f'))
return c - 'a' + 10;
return -1;
}

int hex2bin(const char *str, char **bin, int *len)
{
char *p;
int i, l;

if (!bin)
return EINVAL;

for (i = 0; str[i] != '\0'; i++)
if (hex2bin_c(str[i]) == -1)
return EINVAL;

l = i;
if ((l & 1) != 0)
return EINVAL;
l /= 2;

p = malloc(l);
if (p == NULL)
return ENOMEM;

for (i = 0; i < l; i++)
p[i] = hex2bin_c(str[i*2]) << 4 | hex2bin_c(str[i*2+1]);

*bin = p;
if (len)
*len = l;

return 0;
}

int c_decrypt(char *ct, int len, char **resp, char *reslenp)
{
const char *h1 = ct;
const char *h4 = ct + 20;
const char *enc = ct + 40;

char ht[20], h2[20], h3[20], key[24];
const char *iv = h1;
char *res;
gcry_cipher_hd_t ctx;
int reslen;

if (len < 48)
return 0;
len -= 40;

memcpy(ht, h1, 20);

ht[19]++;
gcry_md_hash_buffer(GCRY_MD_SHA1, h2, ht, 20);

ht[19] += 2;
gcry_md_hash_buffer(GCRY_MD_SHA1, h3, ht, 20);

memcpy(key, h2, 20);
memcpy(key+20, h3, 4);
/* who cares about parity anyway? */

gcry_md_hash_buffer(GCRY_MD_SHA1, ht, enc, len);

if (memcmp(h4, ht, 20) != 0)
return -1;

res = malloc(len);
if (res == NULL)
return -1;

gcry_cipher_open(&ctx, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, 0);
gcry_cipher_setkey(ctx, key, 24);
gcry_cipher_setiv(ctx, iv, 8);
gcry_cipher_decrypt(ctx, (unsigned char *)res, len, (unsigned char *)enc, len);
gcry_cipher_close(ctx);

reslen = len - res[len-1];
res[reslen] = '\0';

if (resp)
*resp = res;
if (reslenp)
*reslenp = reslen;
return 0;
}

int main(int argc, char *argv[])
{
int i, len, ret = 0;
char *bin, *pw;

gcry_check_version(NULL);

for (i = 1; i < argc; i++) {
ret = hex2bin(argv[i], &bin, &len);
if (ret != 0) {
perror("decoding input");
continue;
}
ret = c_decrypt(bin, len, &pw, NULL);
free(bin);
if (ret != 0) {
perror("decrypting input");
continue;
}
printf("%s\n", pw);
free(pw);
}

exit(ret != 0);
}

Download: cisco-decrypt

cisco-decrypt.c Read More »

Windows – Reset resolution from registry

Durante una migrazione di datacenter mi è capitato di aver fuori uso la console di un server perchè la risoluzione della scheda video è fuori range del monitor, avendo accesso RDP la soluzione è presto trovata dal registro di sistema nella seguente posizione:

My Computer\HKEY_CURRENT_CONFIG\System\CurrentControlSet\Control\VIDEO

Trovando la stringa “Monitor” si potrebbe cambiare direttamente la risoluzione, ma personalmente ho cancellato tutto il contenuto e riavviato così facendo ha ricreato le configurazione di default.

Windows – Reset resolution from registry Read More »

OpenSSH – Generate server key

OpenSSH require different keys depending if you use SSH1 or SSH2 protocol. All keys are generated by “ssh-keygen” commad, that one should be available on your system with the ssh package. Default key lengths are also appropriate (2048 bits for rsa and 1024 bits for dsa)
For SSH1 protocol, you need a rsa1 key generated has follow:

# ssh-keygen -q -f /etc/ssh/ssh_host_key -N '' -t rsa1

For SSH2 protocol, you need two keys, one rsa key and one dsa key generated has follow:

# ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa
# ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa

OpenSSH – Generate server key Read More »

Cisco ASA – Enable SSH

If you have tried to setup SSH access on a new ASA, it might not have worked the way you wanted. That is because the RSA keys need to be generated first. To do that:

from configure terminal:

fw01/act(config)# crypto key generate rsaINFO: The name for the keys will be:

Keypair generation process begin. Please wait…

And then configure SSH to be allowed from the inside interface:

fw01/act(config)# ssh (inser your ip) (insert your netmask) outside

Now you can configure AAA and setup your own username.

First, a username needs to be created:

fw01/act(config)# username leonardo password mypassword privilege 15

And then configure AAA:

fw01/act(config)# aaa authentication ssh console LOCAL

Cisco ASA – Enable SSH Read More »