PingingLab傳世經典系列《CCNA完全配置寶典》-1.7 密碼恢復

1.7 密碼恢復

實驗目的：

1、掌握路由器密碼恢復。

2、掌握交換機密碼恢復。

實驗拓撲：

實驗步驟：

一、路由器密碼恢復

1、斷開電源，重啓路由器，並按住Ctrl+break組合鍵，進入rommon模式，

如下：

System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1)

Copyright (c) 2000 by cisco Systems, Inc.

Cisco 2621 (MPC860) processor (revision 0x200) with 253952K/8192K bytes of memory

Self decompressing the p_w_picpath :

#############

monitor: command "boot" aborted due to user interrupt

rommon 1 >

2、修改路由器配置寄存值爲0x2142，重啓路由器，如下：

rommon 1> confreg 0x2142

rommon 2 > reset

System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1)

Copyright (c) 2000 by cisco Systems, Inc.

Cisco 2621 (MPC860) processor (revision 0x200) with 253952K/8192K bytes of memory

Self decompressing the p_w_picpath :

########################################################################## [OK]

Restricted Rights Legend

Use, duplication, or disclosure by the Government is

subject to restrictions as set forth in subparagraph

(c) of the Commercial Computer Software - Restricted

Rights clause at FAR sec. 52.227-19 and subparagraph

(c) (1) (ii) of the Rights in Technical Data and Computer

Software clause at DFARS sec. 252.227-7013.

cisco Systems, Inc.

170 West Tasman Drive

San Jose, California 95134-1706

Cisco Internetwork Operating System Software

IOS (tm) C2600 Software (C2600-I-M), Version 12.2(28), RELEASE SOFTWARE (fc5)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2005 by cisco Systems, Inc.

Compiled Wed 27-Apr-04 19:01 by miwang

Cisco 2621 (MPC860) processor (revision 0x200) with 253952K/8192K bytes of memory

Processor board ID JAD05190MTZ (4292891495)

M860 processor: part number 0, mask 49

Bridging software.

X.25 software, Version 3.0.0.

2 FastEthernet/IEEE 802.3 interface(s)

32K bytes of non-volatile configuration memory.

63488K bytes of ATA CompactFlash (Read/Write)

--- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]:

Continue with configuration dialog? [yes/no]:

Continue with configuration dialog? [yes/no]:

可以看到，由於配置寄存值的原因，路由器沒有讀取本地配置文件。

3、進入正常操作模式，恢復配置並刪除密碼，如下：

①恢復配置

Router#copy startup-config running-config

Destination filename [running-config]?

520 bytes copied in 0.416 secs (1250 bytes/sec)

R1#

②查看配置

R1#show run

Building configuration...

Current configuration : 563 bytes

!

version 12.2

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname R1

enable secret 5 $1$mERr$SFZOwQ08LKBCxfyaONDzp.

username PingingLab secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0

③刪除密碼

R1(config)#no username PingingLab

R1(config)#no enable secret

R1(config)#line con 0

R1(config-line)#no login local

若設備本身的配置文件對我們意義不大的話，則建議直接採用write erase清空配置。

4、修改配置寄存值，如下：

R1(config)#config-register 0x2102

查看配置寄存值

R1#show version

Cisco Internetwork Operating System Software

IOS (tm) C2600 Software (C2600-I-M), Version 12.2(28), RELEASE SOFTWARE (fc5)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2005 by cisco Systems, Inc.

Compiled Wed 27-Apr-04 19:01 by miwang

Image text-base: 0x8000808C, data-base: 0x80A1FECC

ROM: System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1)

Copyright (c) 2000 by cisco Systems, Inc.

ROM: C2600 Software (C2600-I-M), Version 12.2(28), RELEASE SOFTWARE (fc5)

System returned to ROM by reload

System p_w_picpath file is "flash:c2600-i-mz.122-28.bin"

Cisco 2621 (MPC860) processor (revision 0x200) with 253952K/8192K bytes of memory

.

Processor board ID JAD05190MTZ (4292891495)

M860 processor: part number 0, mask 49

Bridging software.

X.25 software, Version 3.0.0.

2 FastEthernet/IEEE 802.3 interface(s)

32K bytes of non-volatile configuration memory.

63488K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2142 (will be 0x2102 at next reload)

5、保存配置並重啓路由器。

R1#write

Building configuration...

[OK]

R1#reload

Proceed with reload? [confirm]

此時，路由器密碼恢復成功。

二、交換機密碼恢復

1、斷開電源，重啓交換機，並按住交換機面板上的“mode”鍵盤，進入switch：模式並初始化文件系統，如下：

switch:

switch:flash_init

2、修改交換機默認配置文件的名字，重啓交換機，如下：

switch:rename flash:config.text flash:config2.text

switch:boot

3、進入正常模式後，恢復配置並刪除密碼，如下：

①恢復配置

swith#copy flash:config2.text run

SW1#

②查看配置

SW1#show running-config

Building configuration...

Current configuration : 1145 bytes

!

version 12.2

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname SW1

enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0

username PingingLab secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0

③刪除密碼

SW1(config)#no username PingingLab

SW1(config)#no enable secret

SW1(config)#line console 0

SW1(config-line)#no login local

SW1(config-line)#exit

若交換機本身配置對我們沒有意義，則建議直接清空配置。

4、修改交換機配置文件名字到默認命名，如下：

SW1#rename flash:config2.text flash:config.text

5、保存配置並重啓交換機。

SW1#write

Building configuration...

[OK]

SW1#reload

此時交換機密碼恢復成功。

==========================================

PingingLab ·高品質IT教育提供商

CCIE 實驗室·IT項目實戰·高端人才定製

深圳拼客信息科技有限公司·廣州大學城外環西路站

新浪微博：@拼客科技PingingLab  @PingingLab-陳鑫傑

PingingLab微信公衆號：pinginglab

PingingLab技術交流羣：240920680