JunOS - Recover BGP password

When you need to recover missing BGP MD5 password on Juniper routers, you have the possibility to extract it from a specific file.

First, you have to start a shell:

alex@M10> start shell
% su -
Password:
root@M10%

After changing to the root user, you have the necessary permissions to view the file /var/etc/keyadmin.conf

root@M10% cd /var/etc/
root@M10% more keyadmin.conf
tcp 179 0.0.0.0 <IP address> md5 instance default 0x424157395877553351436a5263586b37
tcp 179 0.0.0.0 <IP address> md5 instance default 0x393831633666333463366663

Now you can convert the HEX keys back to MD5 with this small Perl one-liner:

perl -e 'print "Hex: ";$_=<>;print "MD5: ";s/(\w\w)/\1:/g;for (split(/:/)) {printf "%s", chr(hex($_))};print "\n"'
Hex: 0x424157395877553351436a5263586b37
MD5: BAW9XwU3QCjRcXk7

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>