Itomicltd
asked on
Zywall 5 Admin password
Hi There,
I have a Zywall 5 firewall and I am unsure of the admin Password. I do not want to reset the firewall as I dont know what is configured on it.( New customer) and they dont have password.
Question - is there any other way to get into this device without doing a factory reset.
Any help would be great.
I have a Zywall 5 firewall and I am unsure of the admin Password. I do not want to reset the firewall as I dont know what is configured on it.( New customer) and they dont have password.
Question - is there any other way to get into this device without doing a factory reset.
Any help would be great.
ASKER
I dont have a config file, is there a way to get it, without logging into the firewall ??
Our spare zywall 5 is unavailable until after the weekend, so i can't test right now.
No there isn't. Try to find out who set it up and it there are any other devices with passwords he/she/they set up. They may have used the same password. A final option is to download Accessdiver and try a dictionary or brute force attack on it. Also, make sure the default username and password are not being used. The default password is 1234.
ASKER
Thanks for you help, I have tried the default details and nojoy.
I have used accessdiver before, how easy it it you use and would you have any guide lines ?
I have used accessdiver before, how easy it it you use and would you have any guide lines ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks, but i am abit stuck getting the following
Lists that you need to have before you get started:
1. a word list
2. a proxy list
would you have any of the above ?? Thanks
Lists that you need to have before you get started:
1. a word list
2. a proxy list
would you have any of the above ?? Thanks
Have you checked out johntheripper...
http://www.openwall.com/john/
It contains some wordlist & password generators for testing.
http://www.openwall.com/john/
It contains some wordlist & password generators for testing.
Looking at the Zyall information and accessdiver, I am not sure Accessdiver will work because it is made for Username/Password and the Zywall just uses Password. You can start with the default it comes with to see what you get. I got most of my wordlists from astalavista.box.sk.
I haven't tried johntheripper mentioned above, but you may want to check it out.
I haven't tried johntheripper mentioned above, but you may want to check it out.
If telnet hasn't been disable on the zywall you can try telnet (maybe ssh) using admin as username.
ASKER
Hi There,
Telnet will still prompt for the password, which I dont have. The Zywall 5 only requires a password, so I dont think the accessdiver will work to crack the password ?
Think I will just have to reset it, or if any one has naything else that might help.
Cheers
Telnet will still prompt for the password, which I dont have. The Zywall 5 only requires a password, so I dont think the accessdiver will work to crack the password ?
Think I will just have to reset it, or if any one has naything else that might help.
Cheers
Try jontheripper. The site has instructions and examples
You might be able to crack the password if you can save the config file (or have a saved config file).
(Having it for other setting might also be handy, to restore the settings manually using the config).
m.vr.gr.
Nico