unlock

How to recover a password on a Cisco router? - Packet Tracer

okay this tutorial is going to be about

how to recover a lost or forgotten

password on a Cisco router so password

recovery what we're gonna need is we got

a Cisco router we have a switch and a

client but we also have an

administrative computer that's been

hooked up to the router with a console

connection so a console port connection

with a console cable right and so what

we're gonna do is you're gonna need to

to be able to recover the password you

need to have a direct connection to the

router console connection so when you

have a console connection with your PC

you're going to need a program like

hyper terminal like this program here or

let's say putty or something like that

in the real world to console in so hyper

terminal these are the settings that you

need to hyper terminal in and you can

see if we get in there I'm in the router

now and I've got a hyper terminal

connection of console connection to the

router now the text here is a little bit

small so I'm going to use the tool here

on this if I click on the router I can

use this little command line interface

tool which the text I've set the text to

be a little bit bigger so let's put in

some basic configurations on the router

and then we will lose the password and

then we'll recover it so right off the

bat I'm in the past I'm in the router

here I've typed enable I've got into

privileged user mode and now I'm going

to do compte I'm gonna set the hostname

to r1 right and then what I'm gonna do

is I'm going to say interface FA

fastethernet 0/0 and I'll set the IP

address to 192.168.1.1 and then I'll

type no shutdown okay and now the

interface is up so we've have a few

configurations on the router and what

I'm going to do now is I'll say control

C I'm gonna set the password now that

we're gonna forget so we're gonna say

comp T to get to global config mode

enable secret so it's going to be this

will be the privileged user right the

administrative user password but it's

enable secrets

we'll be encrypted with md5 encryption

and I'm just going to type in some

gibberish and then hit enter so I'm not

going to be able to remember that right

so now I'll set ctrl C right I'll do a

show run and you can see there is the

password that I just put in and I don't

know what it is and it's been encrypted

you can see the the encrypted output

right here and the five indicating md5

encryption so now what we want to do is

we want to save our configuration copy

running-config

to startup config and we want it to be

the name startup config yes we just hit

enter and so we've saved our

configuration and we don't know what the

administrative password is the level 15

privileged user password what we want to

do now is before we restart the router

and lose our password I'm going to do a

show version command and in the show

version command you can see right off

the bat the system image file this is

the iOS this is the operating system for

the router it's in a bin file and this

is the bin file you can see the name

it's he tells you it's an 1841

router so this is the iOS image for an

1841 router it's using advanced IP

services this is the version version

12.4 revision 15 that kind of thing

right so then what we do is we hit

spacebar more and at the bottom of the

show version command you can see a bunch

of cool stuff you can see a little bit

about the processor about the Ethernet

ports how much NVRAM is on the is in the

router how big the flash memory is how

much flash memory is on there and also

this is important the configuration

register which equals 2102 now the

configuration register tells the router

that when it boots up that it needs to

pull the configuration from the startup

config file in NVRAM so this setting

right here tells it to look in NVRAM and

get the configuration file and then load

the configuration file to when the

router boots up into running config and

that's where our password is that we

don't know what it is right so we don't

know what it is so for instance now

if I type let's say exit right and now

I'm out of the router and then I hit

return to get started and I type in able

to get to privileged mode I don't know

what the password is right I can't get

into the router Oh No so we don't want

what the password is so what we need to

do is we need to recover our password so

how do we do that

well this is how we do it what we need

to do is well first of all we need to

recover this password and so we're going

to need to do is we're gonna need to

bounce the router so I go to physical

tab here's the on and off button on the

router and I'm gonna need to bounce this

router turn it off and then turn it back

on I'm gonna do that I'm pull us over to

the side then once I turn this router

off and on with the PC here which is

still hyper terminal dinh I will type

the break key on the keyboard right or

ctrl break or if you have a special

special FN key or you know command key

that needs to use anything that will

make the break key on your keyboard

board work it should be over by the

numbers right by the home button or the

Print Screen button you'll find the

break key button open over there

probably so now what we're gonna do is

we will we will bounce this router and

we will basically get into what's called

rom monitor mode which is a sub iOS

that's on the boot rom that will allow

us to recover the password or not just

recover the password it'll allow us to

have the router start and not and bypass

the configuration file in the startup

config so to do this once again you're

going to need a PC that is consoled in

to the router right you're gonna have to

have direct access to your router why

first you're going to need to turn it

off so I just turned off the router and

then I'm going to turn on the router and

then in this PC right here I'm going to

type the break key so I click in the

window here and hit break right alright

and I hit break try to do it quickly you

have 60 seconds to hit the break key

when you restart the router so while

this while the router is booting up and

decompressing the image that's when you

need to hit the break key

your keyboard so you have 60 seconds to

hit that break key on your keyboard and

you can see here that it says uh command

boot aborted right the booting of the of

the router has been aborted right and we

are what's in what's called rom monitor

mode right rom on one which is a sub

small iOS Lodha cated on the boot rom so

now I'll switch to the CLI here where

you can see the text a little bit bigger

so what we're gonna do is we're gonna

type in a command here comp reg how did

I get that well if I type in a question

mark hit enter you can see it's one of

the commands available you can see

there's not that many commands available

here right it's a little bit more

difficult to work with in ROM monitor

mode but all we need to do actually is

type kampf reg which allows us to access

the configuration register so we'll say

conf

reg and we'll say 0 X and instead of

putting 2102 we're gonna put 21 42 and

this is going to enable us to bypass the

startup config in NVRAM so we'll do that

we'll hit enter right and now what we'll

do is we'll hit reset which is a system

reset which will then restart the router

notice the routers resetting but we

change that configuration register to 21

42 which is going to now bypass the

NVRAM it's not going to grab that

configuration file you can see that

we're not in the in the normal

configuration it's asking us do we want

to do in a system wizard here initial

configuration dialog right we say no

right press return to get started notice

it no longer says r1 here at the prompt

it says router now I can type enable and

I'm in privileged user mode right so now

that I'm in privileged user mode what I

can do is I can say and you can see if I

do a show run command there's no

password on the router right so what I

can do now is I could say copy startup

config right where we have our stored

configuration - running config so I'll

do that and I'll hit enter and now

notice the prompt says back back to r1

and I can do a show run

and there's our enable secret encrypted

we don't know what it is but even though

we don't know what it is we have our

interface back up notice the interface

though at fastethernet 0/0 is is already

configured but it's in shutdown mode so

we need to do two things we need to one

quickly change our coffee tea quickly

change our Nabal secret so we'll say

enable secret class right which is the

default in the curriculum an able secret

class so now we we know what our

password is class and then what we can

do is we can go interface FA 0/0 and

then bring up our interface which is in

shutdown mode sono shut once we're done

control C whoops I almost forgot

something so I'm sticking it in after

the fact before we save our

configuration and say we're all done

what we need to do is if we do a quick

show version command you'll see that our

configuration register is still set to

2142 so it's gonna bypass the startup

config so even though we have recovered

our password and set a new password

right put our got our configuration back

and everything's up and running if we

turn off the router and restart the

router it's gonna bypass that

configuration file because the setting

here 2142 is in recovery mode and it

bypasses the NVRAM startup config so we

need to turn our configuration register

back to 2102 so to do that type compte

and then let's put a question mark in

and you can see that there's a command

config register so that's what we want

so we'll say config - register 0x 21:02

that will change our configuration

register back to normal so it will look

- NVRAM for the startup config file when

the router boots up that's what we want

now what we can do is we can do a

control C

and do a copy copy run start destination

file name startup config so we save our

configuration file we're all good now if

we were to reload the router and so now

we're actually restarting the router

basically we now should be able to use

our enable secret the password class to

get into the router so let's see we hit

enter notice r1 is still here so it

looks like it worked the naval class

show version and you can see that the

configuration register is now saved to

2102