Library ike
A very basic IKE library.
The current functionality includes:
1. Generating a Main or Aggressive Mode IKE request packet with a variable amount of transforms and a vpn group.
2. Sending a packet
3. Receiving the response
4. Parsing the response for VIDs
5. Searching for the VIDs in 'ike-fingerprints.lua'
6. Returning a parsed info table
This library is meant for extension, which could include:
1. complete parsing of the response packet (might allow for better fingerprinting)
2. adding more options to the request packet vendor field (might give better fingerprinting of services, e.g. Checkpoint)
3. backoff pattern analyses
An implementation resembling 'ike-scan' could be built.
Author:
Source: https://svn.nmap.org/nmap/nselib/ike.lua
Functions
- request (port, proto, mode, transforms, diffie, id)
Create a request packet
- response (packet)
Handle a response packet
- send_request (host, port, packet)
Send a request and parse the response
Functions
- request (port, proto, mode, transforms, diffie, id)
Create a request packet
Support for multiple transforms, which minimizes the amount of traffic/packets needed to be sent
Parameters
- port
- Associated port number
- proto
- Associated protocol
- mode
- "Aggressive" or "Main"
- transforms
- Table of IKE transforms
- diffie
- DH group number
- id
- Identification data
Return value:
IKE request datagram
- response (packet)
Handle a response packet
A very limited response parser. Currently only the VIDs are extracted. This could be made more advanced to allow for fingerprinting via the order of the returned headers
Parameters
- packet
- A received IKE packet
Return value:
A table of parsed response values
- send_request (host, port, packet)
Send a request and parse the response
Sends an IKE request such as generated by ike.request(), binding to the same source port as the destination port.
Parameters
- host
- Destination host
- port
- Destination port (table)
- packet
Return value:
Parsed IKE response (output of ike.response())
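The VID extraction that response() is described as performing, written as an added stand-alone Lua 5.3+ example; it is not code from nselib/ike.lua. It assumes the RFC 2408 header and generic payload layout, the name extract_vids and the sample datagram are constructed for illustration, and the lookup in 'ike-fingerprints.lua' is not shown.

```lua
-- Added example (not the library's own parser). Requires Lua 5.3+ for string.pack/unpack.
local VID = 13  -- ISAKMP Vendor ID payload type (RFC 2408)

-- Walk the payload chain of one ISAKMP datagram and return its Vendor IDs as hex strings.
local function extract_vids(packet)
  if #packet < 28 then return nil, "shorter than the 28-byte ISAKMP header" end
  -- header: cookies (8+8), next payload, version, exchange type, flags, message ID, length
  local _, _, next_payload, _, exchange, _, _, total = string.unpack(">c8 c8 B B B B I4 I4", packet)
  if total > #packet then return nil, "length field exceeds datagram size" end
  local vids, pos = {}, 29
  while next_payload ~= 0 do
    if pos + 3 > total then return nil, "truncated payload header" end
    local following, _, len = string.unpack(">B B I2", packet, pos)
    -- a length under 4 would never advance; one past the end would read out of bounds
    if len < 4 or pos + len - 1 > total then return nil, "bad payload length" end
    if next_payload == VID then
      local body = packet:sub(pos + 4, pos + len - 1)
      vids[#vids + 1] = (body:gsub(".", function(c) return string.format("%02x", c:byte()) end))
    end
    next_payload, pos = following, pos + len
  end
  return { exchange_type = exchange, vids = vids }
end

-- Constructed sample: a Main Mode (exchange type 2) response with a stub SA payload and two VIDs.
local function payload(next_type, body)
  return string.pack(">B B I2", next_type, 0, #body + 4) .. body
end
local body = payload(VID, string.rep("\0", 8))   -- SA payload (type 1) with stub contents
          .. payload(VID, "constructed-vid-1")   -- first Vendor ID payload
          .. payload(0, "constructed-vid-2")     -- last Vendor ID payload, ends the chain
local header = string.pack(">c8 c8 B B B B I4 I4", "ICOOKIE1", "RCOOKIE1", 1, 0x10, 2, 0, 0, 28 + #body)
local info = assert(extract_vids(header .. body))
for _, v in ipairs(info.vids) do print(v) end
```

The two length checks matter because the datagram comes from an untrusted peer: without them a crafted payload length could stall the loop or index past the end of the buffer.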