Codebase list ike-scan / HEAD check-psk-crack-3
HEAD

Tree @HEAD (Download .tar.gz)

check-psk-crack-3 @HEADraw · history · blame 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
#!/bin/sh
# The IKE Scanner (ike-scan) is Copyright (C) 2003-2007 Roy Hills,
# NTA Monitor Ltd.
#
# This file is part of ike-scan.
#
# ike-scan is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# ike-scan is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with ike-scan.  If not, see <http://www.gnu.org/licenses/>.
#
# check-psk-crack-3 -- Shell script to test psk-crack for Nortel style hashes
#
# Author: Roy Hills
# Date: 19 November 2004
#
# This shell script checks that psk-crack works for Nortel Contivity MD5 and
# SHA1 based hashes.  The Nortel contivity VPN client uses a proprietary
# authentication mechanism, based on Mamro's Pre-Shared Key Extensions for
# ISAKMP/Oakley.
#
TMPFILE=/tmp/ike-scan-test.$$.tmp
MD5PSK=/tmp/nortel-md5-psk.$$.tmp
SHA1PSK=/tmp/nortel-sha1-psk.$$.tmp
DICTFILE=/tmp/ike-dict-file.$$.tmp

# Create PSK parameter files with known pre-shared keys.
# These parameters were generated using ike-scan 1.8.4 and Nortel Contivity
# server software v6.00.310.  In both cases, the username is "test", and the
# pre-shared key is "abc123"
echo "d629dabe8c05c518767cc19826f27f30769dee778143e0f7625647058f9e9788c67f32fc8fcdb40b1dc59c91b8001554bcf795b6e69562f7dfd1c16760a13e7abe22e9af399c4500e66f72287f0b943dcf20d2d7f0edd5dc7a7d8d94928b46e9:fc831092e3b20a9f9213dbed92adb7f52b6527b94ea563a25659f610b70d1a2e2c196d5c288ed235ab155e5ba5355d65d64ea3e56b98ee117d73c47d3648085a93a8331be5579df466a6b67a005fae9bdd38c090791df9b6ef6314bb9efdf13e:5bb290ba45868004:bcc589f4ac89e296:000000010000000100000024010100010000001c0101000080010001800200018003000180040001ffff001a:01000000c0a87c98:044010b3e3f3231853c86b242bd64a12e9d8449e:852dea148d592231ed90b386c8dabe7f97fd270b:1774127c7adf7bf24ce777a632d21679" > $MD5PSK
echo "5f05e0324d421068c9d4a451ca6a6857762414dbdba9a15dab352f15aba604ced62cf32e87e36353f040691ef9b9fcd1b16379b1644489bd7dc3ecd1f7cb7c419795e9fd92f20392ef11e844e8b55261a7e272b2bd18dd3cdf9975f19ffdc47d:5dc25f869238b9b74c9fdec9447a16d1fb782be82c170587a02e303d37a848819488868a0795094532123446450a61b761ee24e783e799a66322e7e9337c8630a10621e5beb5d780fac715931a933d548e1c3f0c1ccf2bbe1bbd040c17fb03c2:945420d37bbe1d5b:4c101f369a221302:000000010000000100000024010100010000001c0101000080010001800200028003000180040001ffff001a:01000000c0a87c98:92a836a290f70df19959f6ab9e50a3e52b40ba88:dc17a196d52d3ce0527dd53eb534951dc48de290:3a60067bfb3db5118702dde8f2eb7c3860ff6f75" > $SHA1PSK
#
# Create dictionary file
echo "notthisone"  > $DICTFILE
echo "NotThisOne" >> $DICTFILE
echo "NextOne"    >> $DICTFILE
echo "abc123"     >> $DICTFILE
echo "xyz123"     >> $DICTFILE
#
echo "Checking psk-crack bruteforce with Nortel Contivity MD5 hash ..."
$srcdir/psk-crack --norteluser=test --bruteforce=6 --charset=abc123 $MD5PSK >$TMPFILE
if test $? -ne 0; then
   rm -f $TMPFILE
   rm -f $DICTFILE
   rm -f $MD5PSK
   rm -f $SHA1PSK
   echo "FAILED"
   exit 1
fi
grep '^key "abc123" matches MD5 hash ' $TMPFILE >/dev/null
if test $? -ne 0; then
   rm -f $TMPFILE
   rm -f $DICTFILE
   rm -f $MD5PSK
   rm -f $SHA1PSK
   echo "FAILED"
   exit 1
fi
echo "ok"
#
echo "Checking psk-crack bruteforce with Nortel Contivity SHA1 hash ..."
$srcdir/psk-crack --norteluser=test --bruteforce=6 --charset=abc123 $SHA1PSK > $TMPFILE
if test $? -ne 0; then
   rm -f $TMPFILE
   rm -f $DICTFILE
   rm -f $MD5PSK
   rm -f $SHA1PSK
   echo "FAILED"
   exit 1
fi
grep '^key "abc123" matches SHA1 hash ' $TMPFILE >/dev/null
if test $? -ne 0; then
   rm -f $TMPFILE
   rm -f $DICTFILE
   rm -f $MD5PSK
   rm -f $SHA1PSK
   echo "FAILED"
   exit 1
fi
echo "ok"
#
echo "Checking psk-crack dictionary with Nortel Contivity MD5 hash ..."
$srcdir/psk-crack --norteluser=test --dictionary=$DICTFILE $MD5PSK >$TMPFILE
if test $? -ne 0; then
   rm -f $TMPFILE
   rm -f $DICTFILE
   rm -f $MD5PSK
   rm -f $SHA1PSK
   echo "FAILED"
   exit 1
fi
grep '^key "abc123" matches MD5 hash ' $TMPFILE >/dev/null
if test $? -ne 0; then
   rm -f $TMPFILE
   rm -f $DICTFILE
   rm -f $MD5PSK
   rm -f $SHA1PSK
   echo "FAILED"
   exit 1
fi
echo "ok"
#
echo "Checking psk-crack dictionary with Nortel Contivity SHA1 hash ..."
$srcdir/psk-crack --norteluser=test --dictionary=$DICTFILE $SHA1PSK > $TMPFILE
if test $? -ne 0; then
   rm -f $TMPFILE
   rm -f $DICTFILE
   rm -f $MD5PSK
   rm -f $SHA1PSK
   echo "FAILED"
   exit 1
fi
grep '^key "abc123" matches SHA1 hash ' $TMPFILE >/dev/null
if test $? -ne 0; then
   rm -f $TMPFILE
   rm -f $DICTFILE
   rm -f $MD5PSK
   rm -f $SHA1PSK
   echo "FAILED"
   exit 1
fi
echo "ok"
#
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $MD5PSK
rm -f $SHA1PSK