added vpn scripts
This commit is contained in:
parent
6560762504
commit
ec0003bfa8
72 changed files with 424909 additions and 0 deletions
66
vpn/ike-scan-1.9/TODO
Normal file
66
vpn/ike-scan-1.9/TODO
Normal file
|
|
@ -0,0 +1,66 @@
|
|||
$Id: TODO 9882 2007-01-13 17:15:39Z rsh $
|
||||
|
||||
Write custom packet creation code. This would allow an arbitrary IKE packet
|
||||
to be created and sent. The generation rules would be some sort of
|
||||
specification file as command-line arguments are not flexible enough for this
|
||||
task. Probably parse with yacc/lex to avoid having to write C string handling
|
||||
and pattern matching. This would override any command-line options that
|
||||
define the packet such as --aggressive, --auth, --trans, --dhgroup Etc.
|
||||
|
||||
Add option for XML output for easier machine readability.
|
||||
|
||||
Decode the currently unhandled ID types: ID_IPV6_ADDR, ID_IPV6_ADDR_SUBNET,
|
||||
ID_IPV6_ADDR_RANGE, ID_DER_ASN1_DN, and ID_DER_ASN1_GN (I've never seen these
|
||||
used though).
|
||||
|
||||
Use Token Bucket algorithm for packet transmission to allow higher output
|
||||
rates, esp. when minimum select() wait is relatively large.
|
||||
|
||||
Allow --trans options to be specified as inclusive ranges. This would add
|
||||
a host entry for each transform attribute in the range, which could be used
|
||||
to determine which attributes a server supports.
|
||||
|
||||
Add an option to include all known vendor IDs to the outgoing packet.
|
||||
Suggested by Max Kosmach. This would require a more complex structure to
|
||||
hold the vendor IDs as the current one only contains the pattern to match
|
||||
which cannot simply be used as the outgoing VendorID as it may contain
|
||||
metacharacters.
|
||||
|
||||
Allow a variable number of packets in the UDP backoff pattern. Some VPN
|
||||
servers will return different numbers of packets, but still have a unique
|
||||
pattern.
|
||||
|
||||
Add support for Main Mode PSK cracking using a MitM attack. Suggested by
|
||||
Anton Rager.
|
||||
|
||||
Allow an id file to be specified, which would contain multiple identities
|
||||
(usernames). Each identity would create a separate host entry, with a
|
||||
pointer to the associated ID so that it could be correctly displayed.
|
||||
|
||||
Increase PSK cracking speed by using faster hash functions. Possibilities
|
||||
include Jean-Luc Cooke's MD5crk MD5 cores which use SIMD instructions.
|
||||
|
||||
Allow sending of zero values for all the various parameters. For 1 and 2-byte
|
||||
sized parameters, this can be achieved by using int instead of unsigned and
|
||||
using -1 to represent the default rather than 0. For 4-byte values, it
|
||||
requires a separate flag variable. Another option is to define a struct like:
|
||||
|
||||
struct value {
|
||||
int flag;
|
||||
unsigned val;
|
||||
}
|
||||
|
||||
Add support for multiple psk-crack processes using MPI for inter-process
|
||||
communication. This should enable psk-crack to run much faster on multi-
|
||||
core CPUs.
|
||||
|
||||
Add support for IKE MitM attack, similar to FakeIKEd at
|
||||
http://www.roe.ch/FakeIKEd
|
||||
|
||||
Support custom transforms for IKEv2.
|
||||
|
||||
Display notification of NAT-T encapsulation.
|
||||
|
||||
Fix alignment problem in display_packet() when payload has an odd size,
|
||||
resulting in the next payload starting at an odd address. This causes
|
||||
bus error on SPARC.
|
||||
Loading…
Add table
Add a link
Reference in a new issue