Tuesday, October 15, 2013

Find the plain text authentication of a peer RIP router

Followings commands can be useful if you need to use authenticated 'RIP updates' between 2 routers and whether you don't have access to the peer (you don't know the authentication message used by the peer). If it's a clear text, you can use the following debug:

access-list 100 permit udp any any eq rip
debug ip packet 100 dump

Normally, the password will appear in a clear text as below:

*Sep  4 17:27:54.815: IP: s=10.10.10.2 (FastEthernet/1), d=224.0.0.9, len 72, input feature

AC43C9C0:        0100 5E000009 AABBCC00 07030800    ..^...*;L.....
AC43C9D0:  45C00048 00000000 0111C4D0 0A0A0A02  E@.H......DP....
AC43C9E0:  E0000009 02080208 003453BE 02020000  `........4S>....
AC43C9F0:  FFFF0002 54455354 00000000 00000000  ....TEST........
AC43CA00:  00000000 00020000 0A010100 FFFFFF00  ................
AC43CA10:  00000000 00000001                    ........
Router#, MCI Check(68), rtype 0, forus FALSE, sendself FALSE, mtu 0

No comments:

Post a Comment