security-scripts/vpn/ike_guess_fw.pl

#!/usr/bin/perl -w
# ike-scan --trans=5,2,3,2 -o 212.55.202.146
# for i in 1 2 3 4 5 65001 65002 65003 65004 65005 65006 65007 65008 65009 65010 64221 ; do ./ike-scan --vendor=f4ed19e0c114eb516faaac0ee37daf2807b4381f --auth=$i -M 61.115.200.174; done
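# Set to 1 to print every raw ike-scan output line instead of only the
# vendor-ID description extracted from it.
my $debug = 0;
# Placeholder target address. The scan loop declares its own lexical $fw for
# each command-line argument, so this value is not what gets scanned.
# The former "$fw = @_;" was dropped: at file scope @_ is empty and an array in
# scalar context yields its element count, so it overwrote the address with 0.
my $fw = "1.2.3.4";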
# IKE phase-1 encryption algorithm IDs (RFC 2409 Appendix A, AES from RFC 3602)
# mapped to the label printed in the result column.
# The "7/256" key is passed to --trans as written (algorithm 7 with a key
# length of 256).
# NOTE(review): single DES (ID 1) is obsolete; a gateway that answers to it is
# worth recording as a weak-proposal finding.
my %enc_n = (
    '1'     => 'DES-CBC',
    '2'     => 'IDEA-CBC',
    '3'     => 'Blowfish-CBC',
    '4'     => 'RC5-R16-B64-CBC',
    '5'     => '3DES-CBC',
    '6'     => 'CAST-CBC',
    '7/256' => 'AES/256',          # AES with a 256-bit key
);
# IKE phase-1 hash algorithm IDs (RFC 2409 Appendix A) mapped to display labels.
# Only IDs 1-3 are probed; the SHA-2 entries below are left disabled, so a
# gateway that accepts only SHA-2 proposals will not show up in the results.
my %hash_n = (
    '1' => 'MD5',
    '2' => 'SHA1',
    '3' => 'Tiger',
    # Disabled entries:
    #   4 => "SHA2_256",
    #   5 => "SHA2_384",
    #   6 => "SHA2_512",
);
# IKE phase-1 authentication method IDs mapped to display labels.
# IDs 1-5 are the RFC 2409 Appendix A methods; the 65001-65010 range and 64221
# are private-use values.
my %auth_n = (
    '1'     => 'PSK',          # pre-shared key
    '2'     => 'DSS',          # DSS signatures
    '3'     => 'RSA_SIG',      # RSA signatures
    '4'     => 'RSA_ENC',      # encryption with RSA
    '5'     => 'RSA_RevEnc',   # revised encryption with RSA
    '65001' => 'GSS',          # GSS (Windows Kerberos); also used by XAUTH
    '65002' => 'XAUTH',
    '65003' => 'XAUTH',
    '65004' => 'XAUTH',
    '65005' => 'XAUTH',
    '65006' => 'XAUTH',
    '65007' => 'XAUTH',
    '65008' => 'XAUTH',
    '65009' => 'XAUTH',
    '65010' => 'XAUTH',
    '64221' => 'FW1_AUTH',     # Check Point hybrid authentication mode
);
# Diffie-Hellman group IDs (RFC 2409 Appendix A, groups 14-18 from RFC 3526)
# mapped to display labels.
# NOTE(review): groups 1 and 2 (768/1024-bit MODP) are generally considered
# too small today; acceptance of either is worth flagging in an assessment.
my %group_n = (
    '1'  => 'DH1[modp768]',     # 768-bit MODP
    '2'  => 'DH2[modp1024]',    # 1024-bit MODP
    '3'  => 'DH3[ec2n155]',
    '4'  => 'DH4[ec2n185]',
    '5'  => 'DH5[modp1536]',    # 1536-bit MODP
    '14' => 'DH14[modp2048]',
    '15' => 'DH15[modp3072]',
    '16' => 'DH16[modp4096]',
    '17' => 'DH17[modp6144]',
    '18' => 'DH18[modp8192]',
);
###############################################################################
# M A I N
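# Probe every target named on the command line with each combination of
# encryption, hash, authentication method and DH group from the tables above,
# printing the vendor-ID description ike-scan reports for any transform that
# draws a response.
foreach my $fw (@ARGV) {
    # A target that starts with "-" would be parsed by ike-scan as an option
    # rather than a host, so refuse it instead of passing it through.
    if ($fw =~ m/\A-/) {
        warn "Skipping target that looks like an option: $fw\n";
        next;
    }
    print "Searching for suitable authentication method on $fw...\n";
    foreach my $enc (sort keys %enc_n) {
        foreach my $hash (sort keys %hash_n) {
            foreach my $auth (sort keys %auth_n) {
                # DH group IDs are purely numeric, so sort them numerically.
                foreach my $group (sort { $a <=> $b } keys %group_n) {
                    my $transform = "$enc,$hash,$auth,$group";
                    # Status line (no newline): the transform being tried.
                    printf "[%5s,%1s,%5s,%2s] %15s %8s %10s %14s",
                        $enc, $hash, $auth, $group,
                        $enc_n{$enc}, $hash_n{$hash}, $auth_n{$auth}, $group_n{$group};
                    # Run ike-scan through a list-form pipe open. No shell is
                    # involved, so metacharacters in a target string taken
                    # from @ARGV are never interpreted as shell syntax.
                    # Alternative vendor ID / timeout kept from the original:
                    #   --vendor=4048b7d56ebce88525e7de7f00d6c2d3c0000000 -t 30
                    my @cmd = (
                        'ike-scan',
                        '--vendor=f4ed19e0c114eb516faaac0ee37daf2807b4381f',
                        '-M',
                        "--trans=$transform",
                        $fw,
                    );
                    open(my $scan, '-|', @cmd)
                        or die "Cannot run ike-scan: $!\n";
                    while (my $line = <$scan>) {
                        if ($debug) {
                            print "\n$line\n";
                        }
                        elsif ($line =~ m/VID=\w+ (\(.+\))\n/) {
                            # Only the parenthesised text after the VID value.
                            print " - $1 \n";
                        }
                    }
                    # The exit status of ike-scan is deliberately not checked.
                    close $scan;
                    # Back up over the status line, blank it, and back up
                    # again so the next transform overwrites it in place.
                    print "\b" x 80;
                    print " " x 80;
                    print "\b" x 80;
                }
            }
        }
    }
}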