17

So Cisco switches uses MD5 for password hashing. Huh.

Comments
  • 6
    Mmm yes much security very yes

    Sorry, what year is it?
  • 4
    Probably not even the worst security flaw in those garbage cans.
  • 2
    AAAAAAAAAAAHHHHHHHH
  • 4
    You need a physical connection to get to them most of the time, but yes, cisco code sucks in general.
  • 6
    It's md5 crypt, not plain md5.
    Of course Cisco should use better ones. On the other hand, many embedded routers use the same algorithm.

    Description of md5 crypt: https://passlib.readthedocs.io/en/...
  • 1
    It isn't secure but it's not *that* bad... I mean it's not MD5, it's MD5-crypt with minimum of 64bit salt and 1k rounds. Most JavaScript developers wouldn't even understand how to code a script that cracks it, let alone, estimate how much time it'd take.
  • 2
    @cprn What does JavaScript developers have to do with this?
  • 0
    @ScriptCoded Currently most learned programming language in the world.
  • 3
    @cprn Every single time hashing or hashing algrithms get brought up there's spmeone like you in the comments. I really should just make a copypasta out of this because its tiring writing this up every time, but i digress:

    Hashing dictionaries and repos for attacks exist. That is to say, a repo of pre-computed values of common dictionary passwords. Any script kiddie can use these flawlessly, as its just lines of text.

    The biggest issue is using hashing at all; hashing should only ever be used for identification. For passwords you should be using encryption, and asymmetric encryption in a best case scenario.

    I'm not saying you dont know any of this already, I'm just saying that was a dumb thing to write down and submit.
  • 0
    @arcsector Dude. Those switches require physical access via console cable. Nobody cares about hashing algorithms when you can send everything to flames. Also, try to understand what you're reading - I don't disagree with you or the poster about how unsafe it is, I'm correcting him because there's a light years difference between plain MD5 and MD5-based CRYPT. So stop your sjw bullshit.
  • 5
    @cprn This has literally fucking nothing to do with sjw, what the hell are you on about?
  • 3
    @cprn
    What arc said. Maddog5-crypt hasn't been considered safe since the early part of the last decade. It's too fast, in 2010 you could too 1M/aps on cheap hardware. It was the culprit behind the notorious linkedin hack.

    Also remember that when you're talking managed switches and routers the vector is they have direct access to the hashes in /etc/shadow, so the webui doesn't factor in to the equation. Cisco needs to at least update to SHA-512 on their scrambler.
  • 2
    @arcsector When you're saying encryption, I'm assuming you mean encrypting information with a password, not encrypting the password itself?
  • 2
    @arcsector We are talking about password storage here, not encryption with a password.

    Hashing (of course salted, multiple rounds, memory hard, etc.) is the only possible way here.
  • 0
    @sbiewald @ScriptCoded no. You should be asymmetrically ENCRYPTING your passwords at rest and in memory. Hashing implies symmetry. You don't want that.
  • 2
    @arcsector Hashing does not imply symmetry - more specifically it implies exactly nothing as hashing is keyless.
    Hashing != encryption.

    Passwords in authentication databases (we are talking about the /etc/shadow and equivalent here) must be stored in a way the plaintext cannot be recovered at all.

    With any form of _encryption_ the (encrypted) password can be decrypted. This is usually not intended.

    As a reference you may look at https://cheatsheetseries.owasp.org/...
  • 2
    @sbiewald so because these two terms' distinction has been so blurred by varying levels of documentation, i can tell we both agree on a couple things:

    1. Asymmetry is a necessity (you cant go from encoded back to decoded, and the same inputs shouldnt give you the exact same output)
    2. Salting is a necessity

    I'll call it here since this thread would just devolve into a deeper conversation that the security community as a whole really needs to solve once and for all (the difference in a cryptographic setting between hashing and encrypting). I'll even admit that i probably should be saying "hashing using salted, asymmetrical algorithms", but i digress...
  • 4
    @arcsector I get what you wanted to express and we can agree on it.

    "Asymmetric" is still the wrong term here. This is term used for public key cryptography.
    Hashing is one-way (is that what you wanted to say?) per definition.

    The difference between hashing and encrypting is clearly defined, but people misuse the latter term when meaning the former so more people think those terms are interchangeable...
  • 1
    @PrivateGER Security Justice Warrior promotes one and only POV on security regardless of context, doesn't accept it's circumstantial and doesn't understanding the specifics or implications. I used sjw as a jest but the meaning stands. It's a person pushing their own bullshit without hearing what other people are saying. I never disagreed MD5-Crypt is insecure, I highlighted it's not as bad as plain MD5 but he somehow heard me claiming MD5 is OK for password storage.

    @SortOfTested I never said Cisco isn't due for security upgrade but what Arc says contradicts itself because he confuses hashing with encryption. It's nonsense.

    @arcsector Hashing is the only way to go with passwords. Asymmetric encryption means data cannot be decrypted with the same key that was used for encryption. Hashing means a one way function so data can't be decrypted at all. Dictionaries you describe (rainbow tables) don't work OOB with MD5-Crypt - you need knowledge of salt and number of rounds to use them.
Add Comment