• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4228
  • Last Modified:

Viewing Pre-Shared Keys on a Netscreen Firewall

Anybody know if this is possible?  As far as I know, it's not, but I thought I'd ask, just to be sure.  (I work for an organization that does not have the pre-shared keys  - got lost somehow)
  • 2
1 Solution
Lieven EmbrechtsSenior IT ConsultantCommented:
what is stored in the config is an md5-hash, basically the result of a calculation.
the password routine wil do the same calculation and compare the resulting hashes.
so the actual password is not even stored.

it is possible to use a brute-force md5 hash cracking-tool (like MDcrack) but such a tool has to try every combination until it finds the same resulting hash. depending on the length of the password this will take a very long time.

so i think it is easier to overwrite the config file.  if you have physical access to the netscreen with a serial cable you an always login with username netscreen and password equal to the serial written on the box.

Just for fun: the netscreen md5-hash is not a standard md5 hash, it hash extra letters woven in it: if you read it from right to left you will read the letters from 'netscreen'.
so even if you decide to use a cracking tool you will have to change and recompile it to extract those extra 'netscreen' letters.

Agree with above. Sadly no way to get the passowrd from the config

networkengineer2004Author Commented:
To Lieven:

Note:  this is not about the password, it's about the pre-shared keys on VPN connections.  I can login to the box, but I don't know the pre-shared keys for most of the VPNs and Mgmt strongly wants to avoid the embarassment of going to the remote companies and asking for the VPN pre-shared keys.  So, that's the last and only desparate option.  Off the table for now.

So, I use a cracking tool.  Are you saying that after a while I get, say, for example, 123456netscreen as a pre-shared key once the tool is done?
Lieven EmbrechtsSenior IT ConsultantCommented:
more like 1n2e3t4s5c6r7e8e9n90, the effort will be huge, not only do you need to create a modified tool, in worst case it will have to calculate for weeks/months/years trying all combinations until it finds the correct hash.

if you use remote vpn software, you may have an .spd-file that you use to load the vpn settings on the vpn client.  you can open this .spd-file with a texteditor like notepad and search for the parameter UFQDN.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now