117 lines
4.1 KiB
Bash
Executable file
117 lines
4.1 KiB
Bash
Executable file
#!/bin/sh
|
|
# $Id: check-psk-crack-2 2469 2004-12-23 13:36:56Z rsh $
|
|
#
|
|
# check-psk-crack-2 -- Shell script to test psk-crack for MD5 and SHA1 hashes
|
|
#
|
|
# Author: Roy Hills
|
|
# Date: 19 November 2004
|
|
#
|
|
# This shell script checks that psk-crack works for MD5 and SHA1 based
|
|
# hashes.
|
|
#
|
|
TMPFILE=/tmp/ike-scan-test.$$.tmp
|
|
MD5PSK=/tmp/md5-psk.$$.tmp
|
|
SHA1PSK=/tmp/sha1-psk.$$.tmp
|
|
DICTFILE=/tmp/ike-dict-file.$$.tmp
|
|
|
|
# Create PSK parameter files with known pre-shared keys.
|
|
# These parameters were generated using ike-scan 1.6.4 and Checkpoint
|
|
# Firewall-1 NG AI R54. In both cases, the pre-shared key is "abc123"
|
|
echo "5c7916ddf8db4d233b3b36005bb3ccc115a73807e11a897be943fd4a2d0f942624cb00588d8b3a0a26502b73e639df217ef6c4cb90f96b0a3c3ef2f62ed025b4a705df9de65e33e380c1ba5fa23bf1f9911bbf388d0844256fa0131fc5cf8acb396936ba3295b4637b039d93f58db90a3a1cf1ef5051103bacf6e1a3334f9f89:fde8c68c5f324c7dbcbadde1d757af6962c63496c009f77cad647f2997fd4295e50821453a6dc2f6279fd7fef68768584d9cee0da6e68a534a097ce206bf77ecc798310206f3f82d92d02c885794e0a430ceb2d6b43c2aff45a6e14c6558382df0692ff65c2724eef750764ee456f31424a5ebd9e115d826bbb9722111aa4e01:b2a3c7aa4be95e85:756e3fa11c1b102c:00000001000000010000002c01010001000000240101000080010001800200018003000180040002800b0001000c000400007080:01000000ac100202:251d7ace920b17cb34f9d561bca46d037b337d19:e045819a64edbf022620bff3efdb935216584cc4:b9c594fa3fca6bb30a85c4208a8df348" > $MD5PSK
|
|
echo "9bdee7aa341cf1a6c19bc0191106b5056537ce6b837cd70678ea5a3ccb606b56dee4548feb67f24fd6f4d5f58967a9ff3c674d9d79e4195b7def5aac147c9fe9abdc2f8ba2eca58f4c863fedc7a8c8e1ad6e1551b1e44bf9a0e258561a5db1c2ca1e8b5dfda1b012012b6fdf24ecd07da6b10d76ab3b58d07b30b4f9da26aee4:c9b7ef0610a22b3e1c88b1a01ce4d4110edf6baa122ed1285eb2184cd75d30a11520a725c2d263de5a157f77f953880732f3b14521836d7f3585cb0ce3fcadf81c541dde2680bd81953cf88e8f8096c173470694ca7414fff9df0cdcdbb9d4f70ef1d6347293b507cfad965e2d2c1fa07326353e9a493d93284970040344fb11:3506592130312567:6c362583ce7a2a26:00000001000000010000002c01010001000000240101000080010001800200028003000180040002800b0001000c000400007080:01000000ac100202:84943233f42a0b5a9b33c327162fe0efee2545e4:76f451dce3fea6402b67f3fddae561ebdb4a6efe:f63f237b3c0f1fe57a5b852203cfd27cbf0c78d4" > $SHA1PSK
|
|
#
|
|
# Create dictionary file
|
|
echo "notthisone" > $DICTFILE
|
|
echo "NotThisOne" >> $DICTFILE
|
|
echo "NextOne" >> $DICTFILE
|
|
echo "abc123" >> $DICTFILE
|
|
echo "xyz123" >> $DICTFILE
|
|
#
|
|
echo "Checking psk-crack bruteforce with MD5 hash ..."
|
|
$srcdir/psk-crack --bruteforce=6 --charset=abc123 $MD5PSK >$TMPFILE
|
|
if test $? -ne 0; then
|
|
rm -f $TMPFILE
|
|
rm -f $DICTFILE
|
|
rm -f $MD5PSK
|
|
rm -f $SHA1PSK
|
|
echo "FAILED"
|
|
exit 1
|
|
fi
|
|
grep '^key "abc123" matches MD5 hash ' $TMPFILE >/dev/null
|
|
if test $? -ne 0; then
|
|
rm -f $TMPFILE
|
|
rm -f $DICTFILE
|
|
rm -f $MD5PSK
|
|
rm -f $SHA1PSK
|
|
echo "FAILED"
|
|
exit 1
|
|
fi
|
|
echo "ok"
|
|
#
|
|
echo "Checking psk-crack bruteforce with SHA1 hash ..."
|
|
$srcdir/psk-crack --bruteforce=6 --charset=abc123 $SHA1PSK > $TMPFILE
|
|
if test $? -ne 0; then
|
|
rm -f $TMPFILE
|
|
rm -f $DICTFILE
|
|
rm -f $MD5PSK
|
|
rm -f $SHA1PSK
|
|
echo "FAILED"
|
|
exit 1
|
|
fi
|
|
grep '^key "abc123" matches SHA1 hash ' $TMPFILE >/dev/null
|
|
if test $? -ne 0; then
|
|
rm -f $TMPFILE
|
|
rm -f $DICTFILE
|
|
rm -f $MD5PSK
|
|
rm -f $SHA1PSK
|
|
echo "FAILED"
|
|
exit 1
|
|
fi
|
|
echo "ok"
|
|
#
|
|
echo "Checking psk-crack dictionary with MD5 hash ..."
|
|
$srcdir/psk-crack --dictionary=$DICTFILE $MD5PSK >$TMPFILE
|
|
if test $? -ne 0; then
|
|
rm -f $TMPFILE
|
|
rm -f $DICTFILE
|
|
rm -f $MD5PSK
|
|
rm -f $SHA1PSK
|
|
echo "FAILED"
|
|
exit 1
|
|
fi
|
|
grep '^key "abc123" matches MD5 hash ' $TMPFILE >/dev/null
|
|
if test $? -ne 0; then
|
|
rm -f $TMPFILE
|
|
rm -f $DICTFILE
|
|
rm -f $MD5PSK
|
|
rm -f $SHA1PSK
|
|
echo "FAILED"
|
|
exit 1
|
|
fi
|
|
echo "ok"
|
|
#
|
|
echo "Checking psk-crack dictionary with SHA1 hash ..."
|
|
$srcdir/psk-crack --dictionary=$DICTFILE $SHA1PSK > $TMPFILE
|
|
if test $? -ne 0; then
|
|
rm -f $TMPFILE
|
|
rm -f $DICTFILE
|
|
rm -f $MD5PSK
|
|
rm -f $SHA1PSK
|
|
echo "FAILED"
|
|
exit 1
|
|
fi
|
|
grep '^key "abc123" matches SHA1 hash ' $TMPFILE >/dev/null
|
|
if test $? -ne 0; then
|
|
rm -f $TMPFILE
|
|
rm -f $DICTFILE
|
|
rm -f $MD5PSK
|
|
rm -f $SHA1PSK
|
|
echo "FAILED"
|
|
exit 1
|
|
fi
|
|
echo "ok"
|
|
#
|
|
rm -f $TMPFILE
|
|
rm -f $DICTFILE
|
|
rm -f $MD5PSK
|
|
rm -f $SHA1PSK
|