Cisco devices running the Cisco IOS have three types of ways to display passwords in the device configuration which include Type 0, Type 5, and Type 7. Below we describe all three methods of storing passwords in the Cisco IOS device configuration and how to obtain the password from each method either by simply reading the password, by quickly converting the password from the Cisco defined encryption algorithm, or by cracking MD5 UNIX password hashes.
I spent a lot of time the other night trying to find a perl script that would decode Cisco type 7 password hashes and many of them did not work properly. At first I thought I was doing something wrong however I am pretty sure that most of the scripts were just broken. Anyhow I finally located the below script on some site and I can’t remember where I found it so I wanted to post it here mostly for reference however if someone else finds it useful then that would be great. Below is the actual script itself followed by an example of using the script.