Decrypt a Cisco VPN Password

Cisco uses relatively weak encryption to protect user and group passwords in a PCF file, and HAL-9000 of evilscientists.de discovered and posted the algorithm. This page uses cisco-decrypt.c written by Maurice Massar for the decryption.

Reference: Cisco Security Notice: Cisco IPsec VPN Implementation Group Password Usage Vulnerability

You can find the encrypted password by opening a PCF file and taking everything on the line after enc_GroupPwd= or enc_UserPassword=. For example with the following line

enc_GroupPwd=9196FE0075E359E6A2486905A1EFAE9A11D652B2C588EF3FBA15574237302B74C194EC7D0DD16645CB534D94CE85FEC4

The encrypted password would be:

9196FE0075E359E6A2486905A1EFAE9A11D652B2C588EF3FBA15574237302B74C194EC7D0DD16645CB534D94CE85FEC4

Enter the encrypted user or group password in the field below and press the Decode button to decrypt the password.

Cisco VPN Password Decryption

19 Responses to “Decrypt a Cisco VPN Password”

  1. lilian Says:

    Thanks !

    It works perfectly !

  2. Dmitry Says:

    Cheers, your VPN set up guide and VPN password decryption is as laconic as effective! Set up my VPN connection in 3 minutes

  3. MAK Says:

    Thanks a million ..

  4. Derek Brown Says:

    This is an absolute godsend. I am running Windows 7 x64, and since Cisco won't get with the times and offer a 64-bit IPSec VPN client, I am using a third party client from Shrew. The client works well enough, but there is no PCF import. Now I don't have to try and get the PSK from the remote party anymore, and can do my own version of a PCF import :)

  5. Corey Says:

    @Derek – Cisco has no plans to offer a 64-bit IPSec client either, instead they're pushing people towards their SSL VPN option, AnyConnect.

  6. Andy Says:

    Brilliant. Saved hours of faffing around when setting up VPN on iPhone.

    Cheers!

  7. fstyle.de » Blog Archive » University of Würzburg and Shew VPN Says:

    [...] here to decrypt the password from vpn-uniwue.pcf here http://coreygilmore.com/projects/decrypt-cisco-vpn-password/ (you could also copy the encrypted password to the file above at [...]

  8. Jeremy Says:

    Thanks! This allowed me to setup my VPN on my IPhone where I cannot use the PCF file.

  9. Joe Says:

    Jeremy or others that might be interested:
    I have Cisco VPN software on home desktop to connnect to work. I can see my name but the password has asterisks. This is under group authentication. I used the decrypted password for group password. Now for Iphone cisco I also have a place for account and password. This is in addition to the group name and secret which I guess are the name that I could see and the decrypted password. I am not sure what to put in for the account and password.

  10. mister Says:

    this is def a godsend. I've tried all kinds of Google searches until i stumbled onto the algorithm w/o knowing how to implement it. This way is very user friendly :)

    now I can finally use VPN on my iPhone!

    cheers

  11. Cisco VPN Client Password Encrypt / Decrypt « danejeffrey.com Says:

    [...] password from a PCF (profile) file. Fortunately, I recalled this was particularly simple given this [coreygilmore.com] awesome [...]

  12. marco Says:

    Thanks a lot. It worked perfectly.

  13. iPhone User Says:

    Thank you for making this decryption algorithm so easily accessible. You're a lifesaver for all of us with Cisco PCF files with encrypted "shared secret" passwords with IT staff not willing to share the secret.

  14. VPN on iPhone « Java Jill Says:

    [...] VPN on iPhone By jill I was having a little trouble setting up my iPhone to use VPN so I could connect to work… it needed something labeled "Secret" after the Group Name.  Then I found this handy site which would decode the encoded group password from the  .pcf file  here. [...]

  15. iPhone Says:

    Worked like a charm, I did this before for my iPod Touch but then I didn't find this site and had to spend a lot more time breakning it. When it ws time for configuring the iPhone I couldn't find my notes with the pwd, some googling got me here and hey presto, simple and perfect!

  16. Mustafa Gökhan Kurt Says:

    Hi there,

    How can i encrypted my password for cisco vpn pcf file.
    e.g
    password : my password

    encryped :905A1EFAE9A11D652B2C588EF3FBA15574237302B74C194EC7D0DD16645CB534D94CE85FEC4KJ5K6H5K6H5K65K6

    decryped : my password

    Could you please write me experience software or website.

    Thanks in advanced.

  17. Memoria de Acceso Aleatorio » links for 2009-10-12 Says:

    [...] corey gilmore: Descifrar el secreto de una VPN Cisco Si tienes instalada la utilidad VPN Client de Cisco, y usas Snow Leopard, o iPhone OS 3.0, es posible utilizar el cliente nativo que proporcionan estos sistemas operativos si analizamos el contenido de los perfiles de conexión de cisco en <tt>/private/etc/opt/cisco-vpnclient/Profiles/</tt>, y seguimos las instrucciones de esta página. (tags: IT Mac OSX SnowLeopard Cisco VPNclient configuration password decryption) [...]

  18. DY Says:

    Thanks a lot. It works~~

  19. schmuk Says:

    AWSOME! needed to set up iPHONE coreygilmore=genius!

Leave a Reply


© 2007-2010, Corey Gilmore | Posts RSS Feed | Comments RSS Feed | Contact

 

The views expressed on these pages are mine alone and not those of any past or present employer. All information presented on this site was obtained lawfully and not through disclosure under the terms of an NDA.