[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] UPDATE: PSK Cracking using IKE Aggressive Mode

Hi,

we just release a Vulnerability scanner for the PSK Attack we've described in april in our paper 'PSK Cracking using IKE Aggressive Mode'.
The scanner is freely available from our website: www.ernw.de/download/ikeprobe.zip

The paper itself is available from our website too. Take a look at www.ernw.de/download/pskattack.pdf

Today we have some advancements in the cracking tools too. Mao integrated the PSK cracking function in his tool Cain & Abel (www.oxid.it). Cain & Abel can crack MD5 and SHA1 based preshared keys while ikecrack can only crack MD5 based preshared keys.

Cheers
Michael

----------------------------------------------------------------------------------------------------
Michael Thumann mlthumann@ids-guide www.ids-guide.de
Public Key available at http://www.ids-guide.de/MichaelThumann.asc
----------------------------------------------------------------------------------------------------
PGP Fingerprint:
8633 D9E3 E90E F18E A70A 6321 A8CF 6A87 EC79 7B59
----------------------------------------------------------------------------------------------------
The only secure computer is one that's unplugged, locked in a safe,
and buried 20 feet under the ground in a secret location...and i'm not
even too sure about that one
--Dennis Huges, FBI. 




--
This message has been 'sanitized'.  This means that potentially
dangerous content has been rewritten or removed.  The following
log describes which actions were taken.

Sanitizer (start="1068246221"):
 Split unusually long Date: header.
 SanitizeFile (filename="unnamed.txt", mimetype="text/plain"):
   Match (names="unnamed.txt", rule="9"):
     Enforced policy: accept

Total modifications so far: 1


Anomy 0.0.0 : Sanitizer.pm
Sanitizer version 1.63 (Debian GNU/Linux)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html