Zywall 5 Admin password

Hi There,

I have a Zywall 5 firewall and I am unsure of the admin Password. I do not want to reset the firewall as I dont know what is configured on it.( New customer) and they dont have password.

Question - is there any other way to get into this device without doing a factory reset.

 Any help would be great.
ItomicltdAsked:
Who is Participating?
 
Rick HobbsRETIREDCommented:
It is pretty easy and self explanatory.  I have used it for intrusion protection clients and to recover a PIX password.  Give it a try and let me know if you have any questions.
0
 
nociSoftware EngineerCommented:
Not that i know of.

You might be able to crack the password if you can save the config file (or have a saved config file).
(Having it for other setting might also be handy, to restore the settings manually using the config).

m.vr.gr.
Nico
0
 
ItomicltdAuthor Commented:
I dont  have a config file, is there a way to get it, without logging into the firewall ??
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

 
nociSoftware EngineerCommented:
Our spare zywall 5 is unavailable until after the weekend, so i can't test right now.
0
 
Rick HobbsRETIREDCommented:
No there isn't.  Try to find out who set it up and it there are any other devices with passwords he/she/they set up.  They may have used the same password.  A final option is to download Accessdiver and try a dictionary or brute force attack on it.  Also, make sure the default username and password are not being used.  The default password is 1234.
0
 
ItomicltdAuthor Commented:
Thanks for you help, I have tried the default details and nojoy.

I have used accessdiver before, how easy it it you use and would you have any guide lines ?
0
 
ItomicltdAuthor Commented:
Thanks, but i am abit stuck getting the following

Lists that you need to have before you get started:
1. a word list
2. a proxy list


would you have any of the above ?? Thanks
0
 
nociSoftware EngineerCommented:
Have you checked out johntheripper...
http://www.openwall.com/john/

It contains some wordlist & password generators for testing.
0
 
Rick HobbsRETIREDCommented:
Looking at the Zyall information and accessdiver, I am not sure Accessdiver will work because it is made for Username/Password and the Zywall just uses Password.  You can start with the default it comes with to see what you get.  I got most of my wordlists from astalavista.box.sk.

I haven't tried johntheripper mentioned above, but you may want to check it out.
0
 
nociSoftware EngineerCommented:
If telnet hasn't been disable on the zywall you can try telnet (maybe ssh) using admin as username.
0
 
ItomicltdAuthor Commented:
Hi There,

Telnet will still prompt for the password, which I dont have. The Zywall 5 only requires a password, so I dont think the accessdiver will work to crack the password ?

Think I will just have to reset it, or if any one has naything else that might help.

Cheers
0
 
Rick HobbsRETIREDCommented:
Try jontheripper.  The site has instructions and examples
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.