LolCat 5509 Part 1

About two years and a half ago I was looking for any type of high end Cisco equipment to learn on, fuzz, reverse, etc. As it turns out it isn’t the easiest thing to get your hands on a piece of affordable top end gear. After spending a few months looking for some new equipment I called off the search and began to focus on other projects.

LolCat5509

Not long after I quit looking I got a call from a friend that was at a computer recycling shop near where I lived. He had two Cisco 5509s for $80. Willing to take my chances that I’d be able to fix or part them back to health I had them purchased and he was kind enough to deliver them to my door the next week.

LolCat5509

LolCat5509

I cut a notch into a standard power cable and both booted right up! No fuss, no debugging, and no logic analyzer needed. I consoled into the device and our eyes both went wide at the same time. They still had their running configuration.

LolCat5509

We paged through line after line of config, kerb keys, password hashes, username -> port assignment, acls, it was all still intact.

LolCat5509

Dumbfounded we looked at each other and called our friends at the company domain that was listed.

LolCat5509

By dumb luck we both knew several of the individuals on their security team and emailed them pictures of what we had found.

LolCat5509

Apparently this caused a fire drill of which I am never allowed to speak. Much of the credential information we had gleaned was still valid on large parts of their network.

LolCat5509

Having talked to them about the aftermath. Three different processes had failed. The company was supposed to wipe the gear before it was deracked. The reseller it was sold to promised to wipe the gear before it was sold. The recycler claimed they also wiped everything that came in the door. All three processes happily failed leaving me with two LolCat5509s.

LolCat5509

Two years later I have no need for 12u worth of switch anymore. I’ve decided to spiff up my remaining 5509 and return it to the company from once it came. Stay tuned for more updates of the Lolcat5509.

2 responses to “LolCat 5509 Part 1

  1. Javantea October 12, 2009 at 6:50 pm

    Excellent story, reminds us all that wipe means wipe even if you don't have a power cable. Did you return it to the company with the hello kitty mod?

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: