本文共 9302 字,大约阅读时间需要 31 分钟。
原理:启动时绕过 startup-config 的配置 (enable 密码保存在 startup-config 中 ) ,然后重新配置 enable 密码。 如果要使路由器在启动时绕过 startup-config 的配置,只有修改配置寄存器的值。正常情况下配置寄存器的值是 0x2102==0010.0001.0 0 00.0010 ,其中第三段的第 2 个比特位可以控制路由器的启动顺序。如果该位为 0 ,则启动时候运行 startup-config 的配置,如果该位为 1 则忽略 startup-config 的配置,而进入 setup 模式。 从通信服务器上进入某一路由器(以二楼第一机房 6 号路由器 C2600 为例) Trying r6 (10.0.0.1, 2006)... Open 关闭路由器电源再打开,然后按下 CTRL 键,不停地按 Break 键,直到出现 rommon1> 为止,使路由器进入 ROM Moniror 模式。 System Bootstrap, Version 12.2(7r) [cmong 7r], RELEASE SOFTWARE (fc1) Copyright (c) 2002 by cisco Systems, Inc. C2600 platform with 131072 Kbytes of main memory monitor: command "boot" aborted due to user interrupt rommon 1 > confreg 0x2142 改变寄存器的值,让路由器忽略 startup-config 的配置,而进入 Setup 模式 You must reset or power cycle for new config to take effect System Bootstrap, Version 12.2(7r) [cmong 7r], RELEASE SOFTWARE (fc1) Copyright (c) 2002 by cisco Systems, Inc. C2600 platform with 131072 Kbytes of main memory program load complete, entry point: 0x80008000, size: 0xe688c8 Self decompressing the image : ################################################# ################################################################################ ################################################################################ ########################## [OK] smart init is sizing iomem 00036B 0X00103980 C2611XM Dual Fast Ethernet 0X000F3BB0 public buffer pools 0X00211000 public particle pools If any of the above Memory Requirements are "UNKNOWN", you may be using an unsupported configuration or there is a software problem and system operation may be compromised. Rounded IOMEM up to: 5Mb. Using 3 percent iomem. [5Mb/128Mb] Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. San Jose, California 95134-1706 Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-IK8O3S-M), Version 12.2(11)T, RELEASE SOFTWARE ( TAC Support: [url]http://www.cisco.com/tac[/url] Copyright (c) 1986-2002 by cisco Systems, Inc. Compiled Thu 01-Aug-02 12:47 by ccai Image text-base: 0x8000809C, data-base: 0x818188F4 Compliance with U.S. Export Laws and Regulations - Encryption This product performs encryption and is regulated for export This product is not authorized for use by persons located outside the United States and Canada that do not have prior approval from Cisco Systems, Inc. or the U.S. Government. This product may not be exported outside the U.S. and Canada either by physical or electronic means without PRIOR approval of Cisco Systems, Inc. or the U.S. Government. Persons outside the U.S. and Canada may not re-export, resell, or transfer this product by either physical or electronic means without prior approval of Cisco Systems, Inc. or the U.S. cisco 2611XM (MPC860P) processor (revision 0x100) with 125952K/5120K bytes of me Processor board ID JAD07020UQK (3078295415) M860 processor: part number 5, mask 2 X.25 software, Version 3.0.0. 2 FastEthernet/IEEE 802.3 interface(s) 32K bytes of non-volatile configuration memory. 32768K bytes of processor board System flash (Read/Write) --- System Configuration Dialog --- Would you like to enter the initial configuration dialog? [yes/no]: no 不进入对话模式 退回到 EXEC 模式 Press RETURN to get started! *Mar 1 00:00:14.046: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state t *Mar 1 00:00:14.046: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state t *Mar 1 00:00:15.048: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern et0/0, changed state to down *Mar 1 00:00:15.048: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern et0/1, changed state to down *Mar 1 00:00:20.613: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state *Mar 1 00:00:20.613: %LINK-5-CHANGED: Interface FastEthernet0/1, changed state *Mar 1 00:00:22.384: %SYS-5-RESTART: System restarted -- Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-IK8O3S-M), Version 12.2(11)T, RELEASE SOFTWARE ( TAC Support: [url]http://www.cisco.com/tac[/url] Copyright (c) 1986-2002 by cisco Systems, Inc. Compiled Thu 01-Aug-02 12:47 by ccai *Mar 1 00:00:22.384: %SNMP-5-COLDSTART: SNMP agent on host Router is undergoing Router#copy startup-config running-config 使路由器以前的配置生效,保证以前的配置不丢失。 Destination filename [running-config]? 702 bytes copied in 2.488 secs (282 bytes/sec) Router#config terminal 进入全局模式 Enter configuration commands, one per line. End with CNTL/Z. Router(config)#no enable password 删除使能密码 Router(config)#no enable secret 删除加密的使能密码 Router(config)#config-register 0x2102 把配置寄存器的值改回来,否则以后每次重新启动路由器都进入 setup 模式 Router#copy running-config startup-config 保存当前配置 Destination filename [startup-config]? Building configuration... Proceed with reload? [confirm] *Mar 1 00:06:14.950: %SYS-5-RELOAD: Reload requested by console. System Bootstrap, Version 12.2(7r) [cmong 7r], RELEASE SOFTWARE (fc1) Copyright (c) 2002 by cisco Systems, Inc. C2600 platform with 131072 Kbytes of main memory program load complete, entry point: 0x80008000, size: 0xe688c8 Self decompressing the image : ################################################# ################################################################################ ################################################################################ ########################## [OK] smart init is sizing iomem 00036B 0X00103980 C2611XM Dual Fast Ethernet 0X000F3BB0 public buffer pools 0X00211000 public particle pools If any of the above Memory Requirements are "UNKNOWN", you may be using an unsupported configuration or there is a software problem and system operation may be compromised. Rounded IOMEM up to: 5Mb. Using 3 percent iomem. [5Mb/128Mb] Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. San Jose, California 95134-1706 Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-IK8O3S-M), Version 12.2(11)T, RELEASE SOFTWARE ( TAC Support: [url]http://www.cisco.com/tac[/url] Copyright (c) 1986-2002 by cisco Systems, Inc. Compiled Thu 01-Aug-02 12:47 by ccai Image text-base: 0x8000809C, data-base: 0x818188F4 Compliance with U.S. Export Laws and Regulations - Encryption This product performs encryption and is regulated for export This product is not authorized for use by persons located outside the United States and Canada that do not have prior approval from Cisco Systems, Inc. or the U.S. Government. This product may not be exported outside the U.S. and Canada either by physical or electronic means without PRIOR approval of Cisco Systems, Inc. or the U.S. Government. Persons outside the U.S. and Canada may not re-export, resell, or transfer this product by either physical or electronic means without prior approval of Cisco Systems, Inc. or the U.S. cisco 2611XM (MPC860P) processor (revision 0x100) with 125952K/5120K bytes of me Processor board ID JAD07020UQK (3078295415) M860 processor: part number 5, mask 2 X.25 software, Version 3.0.0. 2 FastEthernet/IEEE 802.3 interface(s) 32K bytes of non-volatile configuration memory. 32768K bytes of processor board System flash (Read/Write) Press RETURN to get started! *Mar 1 00:00:13.942: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state t *Mar 1 00:00:13.942: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state t *Mar 1 00:00:15.132: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern et0/0, changed state to down *Mar 1 00:00:15.132: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern et0/1, changed state to down *Mar 1 00:00:16.610: %SYS-5-CONFIG_I: Configured from memory by console *Mar 1 00:00:17.924: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state *Mar 1 00:00:17.928: %LINK-5-CHANGED: Interface FastEthernet0/1, changed state *Mar 1 00:00:20.424: %SYS-5-RESTART: System restarted -- Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-IK8O3S-M), Version 12.2(11)T, RELEASE SOFTWARE ( TAC Support: [url]http://www.cisco.com/tac[/url] Copyright (c) 1986-2002 by cisco Systems, Inc. Compiled Thu 01-Aug-02 12:47 by ccai User Access ar 1 00:00:20.424: %SNMP-5-COLDSTART: SNMP agent on host Router is undergoing a cold startVerification 本文转自凌激冰51CTO博客,原文链接:http://blog.51cto.com/dreamfire/98101,如需转载请自行联系原作者