cisco7crack

This tool is designed to crypt and decrypt Cisco Type 7 passwords, which are a weak form of password storage on Cisco IOS devices. Originally created for quick decryption of stored passwords, Type 7 passwords can be easily cracked by various tools, so their use should be avoided unless required by specific device features.

Use cases include recovering or auditing weak Cisco passwords from configuration files or device outputs during penetration testing or network security assessments. It supports both decryption of ciphertext (default) and encryption of plaintext into Type 7 format, with options to explore multiple encryption variants.

The tool is lightweight, with an installed size of 28 KB, and depends on libc6.

cisco7crack implements the reversible Cisco Type 7 password algorithm, a simple XOR-based cipher using a fixed key sequence. Decryption (-d, default) reverses the ciphertext to plaintext. Encryption (-c) applies the algorithm to plaintext, with -a showing all 16 possible variants (due to variable starting keys 0-15), and -#<n> selecting the n-th variant.