psk-crack
discover and fingerprint IKE hosts (IPsec VPN Servers)
Install
- All systems
-
curl cmd.cat/psk-crack.sh
- Debian
-
apt-get install ike-scan
- Ubuntu
-
apt-get install ike-scan
- Kali Linux
-
apt-get install ike-scan
- Fedora
-
dnf install ike-scan
- Windows (WSL2)
-
sudo apt-get update
sudo apt-get install ike-scan
- OS X
-
brew install ike-scan
- Raspbian
-
apt-get install ike-scan
- Dockerfile
- dockerfile.run/psk-crack
ike-scan
discover and fingerprint IKE hosts (IPsec VPN Servers)
ike-scan discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern. ike-scan does two things: a) Discovery: Determine which hosts are running IKE. This is done by displaying those hosts which respond to the IKE requests sent by ike-scan. b) Fingerprinting: Determine which IKE implementation the hosts are using. This is done by recording the times of the IKE response packets from the target hosts and comparing the observed retransmission backoff pattern against known patterns. The retransmission backoff fingerprinting concept is discussed in more detail in the UDP backoff fingerprinting paper which should be included in the ike-scan kit as udp-backoff-fingerprinting-paper.txt.