Perhaps, by using one of the attack methods described in this book, you have managed to obtain a device configuration file with encrypted passwords in it. Or maybe you are a chief system administrator or a security officer and you've harvested configuration files from all Cisco devices on your network to check the strength of all the passwords used. How do you go about cracking them?
Or perhaps the known attacks have failed, and you weren't able to discover and exploit a new vulnerability either. What you can still try out, apart from lateral hacking (attacking hosts in a close proximity to the target to install sniffing and man-in-the-middle attack tools), is social engineering and direct physical device access . Since wetware (the person operating a computer) is usually the weakest link, why not try your psychological manipulation skills against it? These types of attacks are reviewed in detail in this chapter.