Cisco “Type 7” hash — Passlib v1.7.4 Documentation

passlib.hash.cisco_type7 - Cisco “Type 7” hash

Danger

This is not a hash, this is a reversible plaintext encoding. This format can be trivially decoded.

New in version 1.6.

This class implements the “Type 7” password encoding used by Cisco IOS. This is not actually a true hash, but a reversible XOR Cipher encoding the plaintext password. Type 7 strings are (and were designed to be) plaintext equivalent; the goal was to protect from “over the shoulder” eavesdropping, and little else. They can be trivially decoded. This class can be used directly as follows:

    >>> from passlib.hash import cisco_type7

    >>> # encode password (the salt is chosen at random, so the output can vary)
    >>> h = cisco_type7.hash("password")
    >>> h
    '044B0A151C36435C0D'

    >>> # verify password
    >>> cisco_type7.verify("password", h)
    True
    >>> cisco_type7.verify("letmein", h)
    False

    >>> # to demonstrate this is an encoding, not a real hash,
    >>> # this class supports decoding the resulting string:
    >>> cisco_type7.decode(h)
    "password"

Note

This implementation should work correctly for most cases, but may not fully implement some edge cases (see Deviations below). Please report any issues encountered.

Interface

class passlib.hash.cisco_type7

This class implements the “Type 7” password encoding used by Cisco IOS, and follows the PasswordHash API. It has a simple 4-5 bit salt, but is nonetheless a reversible encoding instead of a real hash.

The using() method accepts the following optional keywords:

Parameters:

  - salt (int) – This may be an optional salt integer drawn from range(0,16). If omitted, one will be chosen at random.
  - relaxed (bool) – By default, providing an invalid value for one of the other keywords will result in a ValueError. If relaxed=True, and the error can be corrected, a PasslibHashWarning will be issued instead. Correctable errors include salt values that are out of range.

Note that while this class outputs digests in upper-case hexadecimal, it will accept lower-case as well.

This class also provides the following additional method:

classmethod decode(hash, encoding='utf-8')

decode hash, returning original password.

Parameters:

  - hash – encoded password
  - encoding – optional encoding to use (defaults to UTF-8).

Returns: password as unicode

Format & Algorithm

The Cisco Type 7 encoding consists of two decimal digits (encoding the salt), followed by a series of hexadecimal characters, two for every byte in the encoded password. An example encoding (of "password") is 044B0A151C36435C0D. This has a salt/offset of 4 (04 in the example), and encodes password via 4B0A151C36435C0D.

Note

The following description may not be entirely correct with respect to the official algorithm, see the Deviations section for details.

The algorithm is a straightforward XOR Cipher:

  1. The algorithm relies on the following ascii-encoded 53-byte constant:
    "dsfd;kfoA,.iyewrkldJKDHSUBsgvca69834ncxv9873254k;fg87"
  2. An integer salt should be generated from the range 0 .. 15. The first two characters of the encoded string are the zero-padded decimal encoding of the salt.
  3. The remaining characters of the encoded string are generated as follows: For each byte in the password (starting with the 0th byte), the _i_’th byte of the password is encoded as follows:
    1. let j=(i + salt) % 53
    2. XOR the _i_’th byte of the password with the _j_’th byte of the magic constant.
    3. encode the resulting byte as uppercase hexadecimal, and append to the encoded string.
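
The steps above written out as a standalone sketch, together with a configuration audit that flags Type 7 strings as recoverable. This is an added example, not Passlib's own code: the names type7_encode, type7_decode, audit_config and SAMPLE_CONFIG are hypothetical, the sample configuration is constructed, and the `password 7 <string>` line syntax is taken from IOS configuration files rather than from this page.

```python
import re

# 53-byte constant quoted in step 1 of the algorithm above.
MAGIC = b"dsfd;kfoA,.iyewrkldJKDHSUBsgvca69834ncxv9873254k;fg87"

def _xor(data, salt):
    # Steps 3.1-3.2: byte i is XORed with constant byte (i + salt) % 53.
    return bytes(b ^ MAGIC[(i + salt) % len(MAGIC)] for i, b in enumerate(data))

def type7_encode(password, salt):
    """Two zero-padded decimal salt digits, then the XORed bytes as upper-case hex."""
    if salt not in range(0, 16):
        raise ValueError("salt must be in range(0, 16)")
    return "%02d%s" % (salt, _xor(password.encode("utf-8"), salt).hex().upper())

def type7_decode(encoded):
    """XOR is its own inverse, so the same keystream recovers the password."""
    if not re.fullmatch(r"\d{2}(?:[0-9A-Fa-f]{2})*", encoded):
        raise ValueError("not a Type 7 string")
    return _xor(bytes.fromhex(encoded[2:]), int(encoded[:2])).decode("utf-8")

# "password 7 <string>" is how IOS marks a Type 7 value in a configuration line.
TYPE7_RE = re.compile(r"\bpassword 7 (\d{2}(?:[0-9A-Fa-f]{2})+)\b")

def audit_config(text):
    """Return (line number, password length) per Type 7 string; no plaintext is reported."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        match = TYPE7_RE.search(line)
        if match:
            findings.append((lineno, len(type7_decode(match.group(1)))))
    return findings

# Constructed sample configuration (hostname, user name and passwords are made up).
SAMPLE_CONFIG = "\n".join([
    "hostname lab-rtr1",
    "enable password 7 044B0A151C36435C0D",
    "username ops password 7 " + type7_encode("S3cret!", 11).lower(),
    "line vty 0 4",
    " login local",
])

if __name__ == "__main__":
    for lineno, length in audit_config(SAMPLE_CONFIG):
        print("line %d: Type 7 string, %d-character password is recoverable" % (lineno, length))
```

Every line the audit reports holds a plaintext-equivalent credential, so the configuration file needs the same handling as the passwords themselves.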

Deviations

This implementation differs from the official one in a few ways. It may be updated as more information becomes available.

Footnotes

[1] Description of Type 7 algorithm - http://pen-testing.sans.org/resources/papers/gcih/cisco-ios-type-7-password-vulnerability-100566, http://wiki.nil.com/Deobfuscating_Cisco_IOS_Passwords