Foothold

500/udp   open          isakmp
❯ ike-scan --aggressive 10.10.11.87
Starting ike-scan 1.9.6 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
10.10.11.87     Aggressive Mode Handshake returned HDR=(CKY-R=c8fd2b38dc76c732) SA=(Enc=3DES Hash=SHA1 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800) KeyExchange(128 bytes) Nonce(32 bytes) ID(Type=ID_USER_FQDN, [email protected]) VID=09002689dfd6b712 (XAUTH) VID=afcad71368a1f1c96b8696fc77570100 (Dead Peer Detection v1.0) Hash(20 bytes)

Ending ike-scan 1.9.6: 1 hosts scanned in 0.061 seconds (16.31 hosts/sec).  1 returned handshake; 0 returned notify

Group name

ID(Type=ID_USER_FQDN, [email protected])
❯ ike-scan -M 10.10.11.87
Starting ike-scan 1.9.6 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
10.10.11.87     Main Mode Handshake returned
        HDR=(CKY-R=b1b220594ac7dd57)
        SA=(Enc=3DES Hash=SHA1 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800)
        VID=09002689dfd6b712 (XAUTH)
        VID=afcad71368a1f1c96b8696fc77570100 (Dead Peer Detection v1.0)

Ending ike-scan 1.9.6: 1 hosts scanned in 0.061 seconds (16.52 hosts/sec).  1 returned handshake; 0 returned notify

VPN uses a PSK; 1 returned handshake; 0 returned notify

❯ ike-scan -M -A -n [email protected] --pskcrack=hash.txt 10.10.11.87
freakingrockstarontheroad
Previous500/UDPNextPriv Esc

Last updated

Was this helpful?