I've received a few messages off list regarding the possibility of recovering (as opposed to just resetting) a cluster security password from a non-rooted, patched UCOS 6.x-9.x host. Short answer: yes, it's possible, contrary to the official responses...

https://supportforums.cisco.com/thread/2164756

Disclaimer: What's discussed below is best done in a lab environment and should never be done in production. It may render your box unsupportable, make your hair fall out or give you the urge to bark like a dog in meetings.

That being said, I've actually had to do this on a production host due to the fact that we inherited the environment but not all the passwords. The choice was either take one host down for 20 minutes to copy a file or take a longer outage on every host in the cluster as required by the official Cisco password reset process. Plus the official process is a change, so tack on a week to get approval from change management.

http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/cucos/8_6_1/cucos/iptpch2.html

Of course it's well known that the platformConfig.xml file contains the encrypted passwords, but so far I haven't found any existing utilities to perform the decryption. Ended up writing one in C# this weekend; could use some volunteers to test it if anyone is interested. You point it toward your platformConfig.xml file and it will output the following...

- Localhost Admin Name & Password
- SFTP Password
- Cluster Security Password
- Application User Name & Password

Needless to say, the hard part is extracting this file from a non-rooted, patched UCOS host...

/usr/local/platform/conf/platformConfig.xml

I've only found two surefire ways to do it without rooting, but both require shutting down the host and booting to a live Linux ISO. If you're using a VM, create a snapshot between shutting down and booting to the ISO. If you accidentally change/delete something or the UCOS volumes are not cleanly dismounted (you hit the power), you may very well hose the box.

Local Copy to TFTP Method

1. Create a scratch XML file on your workstation. Can't be zero-length, so enter some junk text.
2. Upload scratch XML file to the host's TFTP directory using the GUI.
3. Reboot the host to a live Linux ISO.
4. Mount the '/' and '/common' volumes.
5. Use 'cat' to copy the contents of platformConfig.xml to the scratch file in the TFTP directory. A straight copy would seem easier, but will not work due to the security settings of the newly created file.
6. Reboot the host, let it boot to UCOS as usual.
7. Use a TFTP client to download the scratch XML file from the host's TFTP server.

Remote Copy Method

1. Reboot the host to a live Linux ISO.
2. Configure networking.
3. Mount the '/' and '/common' volumes.
4. Use your favorite remote copy method (TFTP, FTP, SCP) to copy platformConfig.xml to a remote host.
5. Reboot the host, let it boot to UCOS as usual.

The first option requires no knowledge of Linux; the second is more straightforward. I took screenshots of the first process just in case. But before I finish documenting I thought I'd check with the group. Does anyone have a better way to get at this file? Maybe one that doesn't involve shutting down the host? The only "shortcut" I've found so far takes advantage of a directory traversal bug which has been patched for some time...

http://www.securityfocus.com/archive/1/520414

Thanks,
Pete
