压在透明的玻璃上c-国产精品国产一级A片精品免费-国产精品视频网-成人黄网站18秘 免费看|www.tcsft.com

　　在實際工作中碰到一款PIX 506的防火墻，由于密碼設置時間久遠，客戶公司中已經無人知道設備的密碼，查閱CISCO資料及網上資料后，將密碼破解，問題得以解決。

　　以下是破解的準備工作及過程：

　　準備工作：根據PIX IOS的版本下載以下文件

　　
　　The appropriate binary file， depending on the PIX software version you run：

　　np70.bin(7.x and 8.0 release)

　　np63.bin(6.3 release)

　　np62.bin(6.2 release)

　　np61.bin(6.1 release)

　　np60.bin(6.0 release)

　　np53.bin(5.3 release)

　　np52.bin(5.2 release)

　　np51.bin (5.1 release)

　　np50.bin (5.0 release)

　　np44.bin (4.4 release)

　　nppix.bin (4.3 and earlier releases)

　　Note： You need to determine what .bin file to use， which depends upon the PIX code that your PIX currently runs irrespective of the BIOS version.

　　具體步驟：（PIX Without a Floppy Drive）

　　Complete these steps to recover your password：

　　1.

　　Install a serial terminal or a PC with terminal emulation software on the PIX console port.

　　2.

　　Verify that you have a connection with the PIX， and that characters are going from the terminal to the PIX， and from the PIX to the terminal.

　　Note： Because you are locked out， you only see a password prompt.

　　3.

　　Immediately after you power on the PIX Firewall and the startup messages appear， send a BREAK character or press the ESC key. The monitor> prompt is displayed. If needed， type ？ (question mark) to list the available commands.

　　4.

　　Use the interface command to specify which interface the ping traffic should use. For floppiless PIXes with only two interfaces， the monitor command defaults to the inside interface.

　　5.

　　Use the address command to specify the IP address of the PIX Firewall's interface.

　　6.

　　Use the server command to specify the IP address of the remote TFTP server containing the PIX password recovery file.

　　7.

　　Use the file command to specify the filename of the PIX password recovery file. For example， the 5.1 release uses a file named np51.bin.

　　8.

　　If needed， enter the gateway command to specify the IP address of a router gateway through which the server is accessible.

　　9.

　　If needed， use the ping command to verify accessibility. If this command fails， fix access to the server before continuing.

　　10.

　　Use the tftp command to start the download.

　　11.

　　As the password recovery file loads， this message is displayed：

　　Do you wish to erase the passwords？ [yn]y Passwords have been erased.

　　Note： If there are Telnet or consoleaaa authentication commands in version 6.2， the system also prompts to remove these.

　　12.

　　The default Telnet password after this process is "cisco." There is no default enable password. Go into configuration mode and issue the passwd your_password command to change your Telnet password and the enable password your_enable_password command to create an enable password， and then save your configuration.

　　monitor>interface 0

　　0： i8255X @ PCI(bus：0 dev：13 irq：10)1： i8255X @ PCI(bus：0 dev：14 irq：7 ) Using 0： i82559 @ PCI(bus：0 dev：13 irq：10)， MAC： 0050.54ff.82b9

　　monitor>address 10.21.1.99

　　address 10.21.1.99

　　monitor>server 172.18.125.3

　　server 172.18.125.3

　　monitor>file np52.bin

　　file np52.bin

　　monitor>gateway 10.21.1.1

　　gateway 10.21.1.1

　　monitor>ping 172.18.125.3

　　Sending 5， 100-byte 0xf8d3 ICMP Echoes to 172.18.125.3， timeout is 4 seconds：?。。。?！Success rate is 100 percent (5/5)

　　monitor>tftp

　　tftp np52.bin@172.18.125.3 via 10.21.1.1……………………………..Received 73728 bytes Cisco Secure PIX Firewall password tool (3.0) #0： Tue Aug 22 23：22：19 PDT 2000Flash=i28F640J5 @ 0x300BIOS Flash=AT29C257 @ 0xd8000 Do you wish to erase the passwords？ [yn] yPasswords have been erased. Rebooting….說明：當我們直連的時候也就不存在網關的概念了。

   文章來源：http://136464.blog.51cto.com/126464/1601042