About Sha1 :
Sha-1 is a cryptographic function that takes as input a 2^64 bits maximum length message, and outputs a 160 bits hash, 40 caracters. Sha-1 is an improvement of Sha-0, it was created by the NSA, and improve cryptographic security by increasing the number of operations before a collision (theory says 2^63 operations), however Sha-1 is not considered as secure because 2^63 could be reach pretty easily. It was replaced by Sha-2 (224, 256, 384 and 512 bits), and more recently by Sha-3. Like Md5, Sha-1 is an unilateral function, to decrypt the plaintext behind a hash, you have to confront it to a online database. This website allows you to compare your Sha1 hashes and decrypt it if you're lucky, thanks to our efficient online database. This database contains 15,183,605,161 words, coming from all the wordlists I was able to find online. I then computed for days to enlarge the database and make it really unique, which will help you into Sha1 decryption.
About security, Sha-1 is not considered anymore as a secure hash type. If you still want to use it (and you should instead use Sha-2 functions), you should consider using a salt to make hackers life harder. A salt consist in a string you add to the user password before hashing it. This string could be a random sequence, a timestamp, or anything that will make the password harder to be found.
KB ID 0000940
Problem
Decrypt Type 7 Cisco Passwords
The Internet is full of sites that have something like the tool below, tap your ‘encrypted’ password in and it will reveal the Cisco password.
As you can see I’ve specifically written ‘obfuscated’ above, because the password isn’t actually encrypted at all. All that happens is the Vigenere algorithm is used to obfuscate the password. While tools like the one above are all well and good, your Cisco router will do exactly the same for you, to demonstrate, paste the following into the tool above.
Juniper Encrypted Password Crack 1 0
107D1C09560521580F16693F14082026351C1512
Hopefully you will get the password Sup3rS3cr#tP@ssword.
Your router can also convert that to clear text for you;
So whats the point of these type 7 passwords? Well the only real benefit of them is if someone is looking over your shoulder while you are looking at the config, they can’t see actual passwords in the config.
![Encrypted Encrypted](/uploads/1/2/6/5/126508735/297480167.png)
The passwords in my config are in clear text? That’s because there are three levels of password storage 0 (not encrypted), 7 (weakly encrypted), and (5 strongly encrypted). If you want to convert your config to display them as 7 you need to enter the service password-encryption command;
![Juniper encrypted password crack 1 7 Juniper encrypted password crack 1 7](/uploads/1/2/6/5/126508735/206795489.jpeg)
Iphone Backup Encrypted Password
If Type 7 passwords are so weak, how do I use Type 5 passwords? When creating accounts use the secret command like so;
Displays in the config as;