Released January 2003 (Initial release)
Published by royhills almost 11 years ago
This was an unofficial release, and no Windows zipfile was produced.
Published by royhills almost 11 years ago
This was a bugfix release to fix the following issue:
Published by royhills almost 11 years ago
NOTE: This release contains a known bug, which was fixed in version 1.5.1
Published by royhills almost 11 years ago
Improved "make check" tests, so they now check more areas including Pre-Shared Key cracking, HMAC and Hash speeds, and HMAC and Hash test vectors.
Added --nodns (-N) option to prevent DNS lookups. With this option, target hosts are not processed with gethostbyname(), which can avoid delays when the system running ike-scan does not have functioning DNS.
Added additional authentication methods and hash algorithms to the output decoding functions in isakmp.c.
Added new psk-crack program to perform offline aggressive mode pre-shared key cracking using the output from ike-scan with the --pskcrack option. This psk-crack program supports both dictionary and brute-force cracking modes against MD5 and SHA1-based HMAC hashes.
Added ability to output aggressive mode pre-shared key (PSK) parameters for later offline cracking with the --pskcrack (-P) option. This option outputs the pre-shared key parameters as colon-separated hex-encoded values in the following format:
g_xr:g_xi:cky_r:cky_i:sai_b:idir_b:ni_b:nr_b:hash_r
These parameter details can be used by the psk-crack program (which is supplied as part of the ike-scan package) to attempt to crack the pre-shared key.
Added support for IKE over TCP with the --tcp (-T) option. Two TCP variants are supported:
Note that you can only scan one host at a time when using IKE over TCP.
When using TCP, you can modify the connect() timeout with the --tcptimeout (-O) option. Default timeout is 10 seconds.
Added experimental timing error smoothing code, which is based on the TCP RTT smoothing algorithm in RFC 793. This is disabled by default; to enable it, #define ALPHA in ike-scan.h
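The smoothing rule borrowed from RFC 793, as an added example (not ike-scan's own code): the estimator takes a constructed series of timing-error samples and damps a single outlier. The ALPHA/BETA values and the clamp bounds are assumptions drawn from the ranges RFC 793 suggests, and the page does not describe how ike-scan applies the smoothed value to its send interval, so the RFC's timeout formula is shown only as the standard consumer of the estimate.

```c
#include <stdio.h>
#include <stddef.h>

/* Smoothing constants. RFC 793 suggests ALPHA in 0.8..0.9 and BETA in
   1.3..2.0; the values here are assumptions for this example, not the
   ones ike-scan compiles in. */
#define ALPHA 0.8
#define BETA  1.5
#define LBOUND_US   1000.0      /* lower clamp on the timeout, microseconds */
#define UBOUND_US   60000000.0  /* upper clamp on the timeout, microseconds */

/* One RFC 793 update step: new = ALPHA * old + (1 - ALPHA) * sample. */
static double smooth_rtt(double srtt, double sample) {
    return ALPHA * srtt + (1.0 - ALPHA) * sample;
}

/* RFC 793 retransmission timeout derived from the smoothed estimate,
   clamped to [LBOUND, UBOUND]. */
static double rto_from_srtt(double srtt) {
    double rto = BETA * srtt;
    if (rto < LBOUND_US) rto = LBOUND_US;
    if (rto > UBOUND_US) rto = UBOUND_US;
    return rto;
}

/* Run the filter over a series, seeding it with the first sample.
   Returns the final smoothed estimate. */
static double smooth_series(const double *samples, size_t n) {
    double srtt = 0.0;
    for (size_t i = 0; i < n; i++)
        srtt = (i == 0) ? samples[0] : smooth_rtt(srtt, samples[i]);
    return srtt;
}

/* Tolerance helper for comparing doubles without <math.h>. */
static int approx(double a, double b) {
    double d = a - b;
    return d < 1e-6 && d > -1e-6;
}

/* Constructed sample: measured send-time overruns in microseconds, with
   one 900 us outlier that the filter damps to a ~230 us estimate. */
static const double sample_errs[] = {100.0, 120.0, 110.0, 900.0, 105.0};

int main(void) {
    double srtt = smooth_series(sample_errs, 5);
    printf("smoothed error %.3f us, RFC 793 timeout %.1f us\n",
           srtt, rto_from_srtt(srtt));
    return 0;
}
```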
Allow the ID (Identity) payload that is specified with the --id option to be given either as a string, e.g. --id=test, or as a hex value with a leading 0x, e.g. --id=0xdeadbeef. Note that you will probably need to change previous ID payload strings because of this change, as previously they were always interpreted as hex.
Added support for OpenSSL MD5 and SHA1 hash functions. These are generally faster than the hash functions supplied with ike-scan, which is of benefit when performing pre-shared key cracking.
To compile with OpenSSL, use the --with-openssl option to configure. With this option, configure will search for the OpenSSL libraries in several standard locations.
Added --random (-R) option to randomise the host list before scanning. This causes the hosts to be scanned in a random order, which may be less obvious than the default sequential scanning. The Knuth shuffle algorithm is used to randomise the list.
Changed the host entry from a linked list to a dynamic array, which decreases the memory required from 56 bytes per target host to 45 bytes.
Added several new Vendor ID patterns.
Added several new UDP backoff patterns.
Published by royhills almost 11 years ago
Added many new vendor ID and UDP backoff patterns. There are now a total of 29 backoff patterns, and 135 vendor ID patterns.
Several bugs fixed in both psk-crack and ike-scan. Notable fixes include:
Added support for more flexible transform specification, which allows an arbitrary number of transform attributes to be specified in any order.
This new method is specified by using an alternative syntax for the --trans option: --trans=(attr=value, ...). The old syntax of --trans=a,b,c,d is still available. Note that the brackets are special to some shells, and may need to be quoted.
Made the specification of the lifetime and lifesize transform attributes with the --lifetime and --lifesize options more flexible. Now, the argument to these options can take three different forms:
Changed default packet-rate calculation from interval to bandwidth. The default outgoing bandwidth is 56000 bits per second, and can be changed with the --bandwidth option. It is still possible to specify an inter-packet interval instead with the --interval option.
Display the version, flags and msgid from the ISAKMP header if they don't contain the expected value.
Decode and display CERTIFICATE, DELETE and NOTIFICATION payloads if they are received.
Display the responder cookie from the ISAKMP header unless quiet is in effect.
Display the SPI if its size is non-zero. Normally, the SPI size is zero during Phase-1, but I've observed some implementations to use a non-zero length, which is permitted by RFC 2408.
Added new options to allow more control of the outgoing packet. Note that some of these options can make the outgoing packet non-RFC-compliant:
The full help output is now only displayed if it is specifically requested by running ike-scan with the --help (-h) option. Usage errors now result in a smaller help output. This avoids outputting a multi-screen usage message just because of a typo on the command line.
Drop root privilege after binding the local port if we are running SUID. This improves security somewhat.
Make POSIX regular expression support mandatory. Previously, it was optional, but I'm not aware of any supported systems that lack it, and we are using it in more and more places.
Improved mapping of ID numbers to names in decode. This allows sparse ID ranges (e.g. 1,2,3,65000) to be supported, which means that we can now decode the XAUTH authentication method amongst other things.
Added SO_BROADCAST option to UDP socket to allow sending to broadcast addresses. Previously this gave a permission denied error, even for root.
Added OpenSSL exception to the copyright notice, which permits linking of the program against OpenSSL. This is to allow the use of OpenSSL in this GPL v2 licensed program.