It’s very regular issue who works for support team, who have the router/IOS configuration files but can’t retrieve the password. Even I don’t know how you faced the issue guys but it was very regular headache for me until i didn’t know this simple method to decrypt the IOS secrets! No, its by any tool or by any code on C/C++! It’s from the IOS itself!! Now let’s see how it works….

 

Let’s the username/password string we got from IOS is:

 

‘username cisco password 7 0822455D0A16554745’

 

Now we need to find out what’s the actual password encrypted to ‘7 0822455D0A16554745’. Now we will need to take help from another router and follow the command chains like below:

 

R3#conf t

R3(config)#key chain ?

WORD Key-chain name

 

R3(config)#key chain decryption

R3(config-keychain)#key ?

<0-2147483647> Key identifier

 

R3(config-keychain)#key 1

R3(config-keychain-key)#key-string 7 0822455D0A16554745

R3(config-keychain-key)#do sh key chain decryption

Key-chain decrypt:

key 1 — text “cisco007”

accept lifetime (always valid) – (always valid) [valid now]

send lifetime (always valid) – (always valid) [valid now]

R3(config-keychain-key)#

 

So the actual secret was ‘cisco007’!