How to Break The Cisco Router Password

If you have forgotten the router’s enable secret password or someone has just given you a second-hand router, and you don’t know it, you need to decrypt it to configure it.

The first thing we need to do is to make sure that the IOS (operating system) is not loaded when the router is turned on, so press the CTRL + BREAK  keys for 60 seconds during boot. With this process, our device is opened with the operating system where mini IOS operations can be performed. ROMMON mode. (ROMMON mode is like a small operating system.)

Now we change the configuration register with the command  o/r 0x2142. Our router will no longer load the configuration from NVRAM at boot.

Turn off the router (using the reload command). Now that our old employee configuration cannot be loaded, IOS asks us step-by-step to create a new configuration.

After answering this question “NO”, the router appears as the default command line.

monitor: command “boot” aborted due to user interrupt
rommon 1 >
That tells us we’re in rommon mode. Here we can configure a few things. One of these is to ignore the startup-configuration to the router. The reason we do this is to ensure that the forgotten password is not reloaded.

router> enable when I type and press enter, we are now able to switch to enable mode.

router # sh startup-config; command, you can browse encrypted passwords.

rommon 1 >
rommon 2 > confreg 0x2142
With the above command (configuration-register 0x2142), we have told the router to ignore the startup configuration.

rommon 3 > reset

Now let’s copy the initial configuration to the current running configuration.

Router#copy startup-config running-config

Destination filename [running-config]?
599 bytes copied in 0.416 secs (1439 bytes/sec)
%SYS-5-CONFIG_I: Configured from the console by console

If the password was previously written with the enable password command, we have a chance to see the password, but if it is encrypted with enable secret, we cannot see it. So we need to enter conf t mode and change the password.

Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#enable secret our password
After changing our password, we should reset the configuration register to the default value. In this way, the device will not neglect the startup configuration again when restarted.
Router(config)#config-register 0x2102
Finally, we record the transactions.
%SYS-5-CONFIG_I: Configured from the console by console
Router#copy running-config startup-config    or
Destination filename [startup-config]?
Building configuration…
When the device restarts, we can now use the Router> enable command to configure the device with the password we set.