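#!/usr/bin/perl
#
# ciscopasswd
# by fat bloke
#
# I copied this off a shell script by clever bloke "EDO".
# His offering used loads of Unix commands that I have never heard of.
#
# This simple script extracts and cracks any >service encryption<
# passwords out of a router config. To get the config, do
#     write term
# at the router prompt and feed the output to this script (file name
# argument or standard input).
#
# Why it works: "service password-encryption" (type 7) is a reversible
# encoding, not a hash. Each byte is XORed with a character of a fixed
# table, starting at the offset given by the first two decimal digits.
# Anyone who can read the config can recover these passwords, so every
# line this script reports should be treated as a cleartext credential
# and moved to a hashed secret type where the platform offers one.
#
use strict;
use warnings;

# Scan every input line for a "... word 7 <string>" entry (matches
# "password 7 ..." wherever it appears on the line).
while ( my $line = <> ) {
    next unless $line =~ /word 7 /;

    # Echo the config line so the decoded value can be tied to its owner.
    print $line;

    # Keep only what follows the "word 7 " marker.
    ( my $encoded = $line ) =~ s/^.*word 7 //;
    do_pass($encoded);
}

# Decode one type 7 string and print it as " password = <cleartext>".
#
# Parameter: the text following "word 7 " on the config line. It is
#            expected to be two decimal digits (offset into the XOR
#            table) followed by pairs of hex digits (one pair per
#            password byte). Trailing whitespace, including CR/LF, is
#            ignored.
# Output:    one line on STDOUT. Input that does not have the expected
#            shape is reported instead of being decoded into garbage.
sub do_pass {
    my ($parm) = @_;

    print " password = ";

    # XOR block (the table as carried by this script).
    my $block = 'dsfd;kfoA,.iyewrkldJKDHSUB';

    # The decode must not depend on how the line was terminated: the
    # original loop bound silently relied on a trailing "\n" and dropped
    # the last character when the final line of the file had none.
    $parm = '' unless defined $parm;
    $parm =~ s/\s+\z//;

    # Split into salt (table offset) and the hex-encoded password bytes.
    if ( $parm !~ /\A([0-9]{2})((?:[0-9A-Fa-f]{2})*)\z/ ) {
        print "(not a well-formed type 7 string)\n";
        return;
    }
    my ( $salt, $passwd ) = ( $1, $2 );

    my $count     = length($passwd) / 2;
    my $plain     = '';
    my $truncated = 0;

    for my $i ( 0 .. $count - 1 ) {
        my $key_pos = $salt + $i;

        # The table in this script is short; past its end there is no
        # key byte to XOR with, so stop rather than emit raw ciphertext.
        if ( $key_pos >= length $block ) {
            $truncated = 1;
            last;
        }

        my $cipher_byte = hex substr( $passwd, 2 * $i, 2 );
        my $key_byte    = ord substr( $block, $key_pos, 1 );
        $plain .= chr( $cipher_byte ^ $key_byte );
    }

    print $plain;
    print " (truncated: string runs past the end of the XOR block)"
        if $truncated;
    print "\n";

    return;
}

exit;
#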