Password Recovery for PIX Firewalls

Password Recovery

 

Passwords on the PIX are encrypted using Message Digest 5 (MD5) hash.The MD5 hash used on the PIX is significantly weaker than the Cisco type 5 hash used on Cisco routers. Cisco provides a technique for recovering passwords.

 

Download a PIX OS specific version of this software from the locations specified in Table below and run it to reset the password to the default, cisco. This application is run in monitor mode. Select and download the image for your PIX OS version.

 

Table of PIX Password Recovery Binaries

Version

Filename

URL

4.3 and earlier releases

nppix.bin

www.cisco.com/warp/public/110/nppix.bin

4.4 release

np44.bin

www.cisco.com/warp/public/110/np44.bin

5.0 release

np50.bin

www.cisco.com/warp/public/110/np50.bin

5.1 release

np51.bin

www.cisco.com/warp/public/110/np51.bin

5.2 release

np52.bin

www.cisco.com/warp/public/110/np52.bin

5.3 release

np53.bin

www.cisco.com/warp/public/110/np53.bin

6.0 release

np60.bin

www.cisco.com/warp/public/110/np60.bin

6.1 release

np61.bin

www.cisco.com/warp/public/110/np61.bin

6.2 release

np62.bin

www.cisco.com/warp/public/110/np62.bin

 

 

  1. Download the recovery image to your TFTP.
  2. Reboot the PIX.
  3. Within 10 seconds of the reboot, press Esc to enter monitor mode.
  4. Use the interface command to identify the network where the TFTP server is connected.
  5. Use the address command to address the interface.
  6. Use the server command to specify the IP address of the TFTP server.
  7. Use the gateway command to specify the default route if the TFTP server is on a remote network..
  8. Use the file command to specify the filename of the recovery image chosen in Step 1.
  9. Use the ping command to verify that you can connect to the TFTP server.
  10. Use the tftp command to start the download.

 

At this point, you should be prompted to erase the passwords. The default password has now been set to Cisco, with no enable password.