What's new

DHCP Backup

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

If ASUS are even halfway competent (hardly a given in this context), it won't be reversible because it's not encryption at all but a one-way hash function.

(Digression: you might be able to guess a string that hashes to the same hash code, which'd let you log in; but the odds of it being the same as the user's real password are tiny. The reason this approach is considered the minimum acceptable standard nowadays is that it protects users who are silly enough to use the same password for multiple services. Even if you get their hashed password out of service X and are able to reverse-engineer some string with the same hash (after much computation), it likely won't let you into their account on service Y.)

I gather from reading this thread that they used to not obscure the stored password at all, which is several steps below awful. I hope that when they fixed that, they brought it up to something approaching minimum-acceptable-practice-for-the-last-couple-decades, which would be hashing not true (i.e. reversible) encryption.
It's definitely reversible. When you export the router settings the password is exported in plain text. Trying to access it via the nvram command though it's encrypted. Based on the source code it looks like there are pw_enc and pw_dec functions to do the encrypting and decrypting of the password. They are closed source though.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top