added vpn scripts
This commit is contained in:
parent
6560762504
commit
ec0003bfa8
72 changed files with 424909 additions and 0 deletions
89
vpn/ike_guess_fw.pl
Executable file
89
vpn/ike_guess_fw.pl
Executable file
|
@ -0,0 +1,89 @@
|
|||
#!/usr/bin/perl -w
|
||||
# ike-scan --trans=5,2,3,2 -o 212.55.202.146
|
||||
# for i in 1 2 3 4 5 65001 65002 65003 65004 65005 65006 65007 65008 65009 65010 64221 ; do ./ike-scan --vendor=f4ed19e0c114eb516faaac0ee37daf2807b4381f --auth=$i -M 61.115.200.174; done
|
||||
my $debug = 0;
|
||||
my $fw = "1.2.3.4";
|
||||
$fw = @_;
|
||||
# define encryption alg. (RFC2409 App. A and RFC3602)
|
||||
my %enc_n = (
|
||||
1 => "DES-CBC", # DES-CBC
|
||||
2 => "IDEA-CBC", # IDEA-CBC
|
||||
3 => "Blowfish-CBC", # Blowfish-CBC
|
||||
4 => "RC5-R16-B64-CBC", # RC5-R16-B64-CBC
|
||||
5 => "3DES-CBC", # 3DES-CBC
|
||||
6 => "CAST-CBC", # CAST-CBC
|
||||
"7/256" => "AES/256", # AES-256
|
||||
);
|
||||
# define hashing alg. (RFC2409 App. A)
|
||||
my %hash_n = (
|
||||
1 => "MD5", # MD5
|
||||
2 => "SHA1", # SHA1
|
||||
3 => "Tiger", # Tiger
|
||||
#4 => "SHA2_256",
|
||||
#5 => "SHA2_384",
|
||||
#6 => "SHA2_512",
|
||||
);
|
||||
# define authentication methods (RFC2409 App. A)
|
||||
my %auth_n = (
|
||||
1 => "PSK", # pre-shared key
|
||||
2 => "DSS", # DSS signatures
|
||||
3 => "RSA_SIG", # RSA signatures
|
||||
4 => "RSA_ENC", # Encryption with RSA
|
||||
5 => "RSA_RevEnc", # Revised encryption with RSA
|
||||
65001 => "GSS", # GSS (Windows Kerberos). XAUTH
|
||||
65002 => "XAUTH", # XAUTH
|
||||
65003 => "XAUTH", # XAUTH
|
||||
65004 => "XAUTH", # XAUTH
|
||||
65005 => "XAUTH", # XAUTH
|
||||
65006 => "XAUTH", # XAUTH
|
||||
65007 => "XAUTH", # XAUTH
|
||||
65008 => "XAUTH", # XAUTH
|
||||
65009 => "XAUTH", # XAUTH
|
||||
65010 => "XAUTH", # XAUTH
|
||||
64221 => "FW1_AUTH", # Checkpoint hybrid authentication mode
|
||||
);
|
||||
# define diffie hellman groups (RFC209 App. A and RFC3526)
|
||||
my %group_n = (
|
||||
1 => "DH1[modp768]", # Group 1 (768 bit)
|
||||
2 => "DH2[modp1024]", # Group 2 (1024 bit)
|
||||
3 => "DH3[ec2n155]",
|
||||
4 => "DH4[ec2n185]",
|
||||
5 => "DH5[modp1536]", # Group 5 (1536 bit)
|
||||
14 => "DH14[modp2048]", #
|
||||
15 => "DH15[modp3072]", #
|
||||
16 => "DH16[modp4096]", #
|
||||
17 => "DH17[modp6144]", #
|
||||
18 => "DH18[modp8192]", #
|
||||
);
|
||||
|
||||
###############################################################################
|
||||
# M A I N
|
||||
foreach my $fw (@ARGV) {
|
||||
|
||||
print "Searching for suitable authentication method on $fw...\n";
|
||||
foreach $enc (sort keys %enc_n){
|
||||
foreach $hash (sort keys %hash_n){
|
||||
foreach $auth (sort keys %auth_n){
|
||||
foreach $group (sort { $a <=> $b } keys %group_n){
|
||||
my $s1 = "$enc,$hash,$auth,$group";
|
||||
# print "--trans=$enc,$hash,$auth,$group $enc_n{$enc},$hash_n{$hash,},$auth_n{$auth},$group_n{$group}";
|
||||
printf "[%5s,%1s,%5s,%2s] %15s %8s %10s %14s",$enc,$hash,$auth,$group,$enc_n{$enc},$hash_n{$hash,},$auth_n{$auth},$group_n{$group};
|
||||
@data=`ike-scan --vendor=f4ed19e0c114eb516faaac0ee37daf2807b4381f -M --trans=$enc,$hash,$auth,$group $fw`;
|
||||
#@data=`ike-scan --vendor=4048b7d56ebce88525e7de7f00d6c2d3c0000000 -t 30 -M --trans=$enc,$hash,$auth,$group $fw`;
|
||||
foreach $d (@data) {
|
||||
if ($debug) { print "\n$d\n"; }
|
||||
else { print " - $1 \n" if ($d=~m/VID=\w+ (\(.+\))\n/); }
|
||||
}
|
||||
print "\b" x 80;
|
||||
print " " x 80;
|
||||
print "\b" x 80;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
Loading…
Add table
Add a link
Reference in a new issue