Nmap Development mailing list archives
Re: [NSE] IKE information extraction
From: Jesper Kückelhahn <dev.kyckel () gmail com>
Date: Tue, 21 May 2013 10:02:27 +0200
Hi Anne,

Thank you for your interest in testing the script. Unfortunately I don't have any systems available for testing purposes, but if you find any I'd be very interested in any feedback.

- Jesper

On Tue, May 21, 2013 at 12:45 AM, stripes <stripes () tigerlair com> wrote:

> Hi Jesper,
>
> Do you have a system I can test this against?
>
> -Anne
>
> On Tue, May 21, 2013 at 12:38:39AM +0200, Jesper Kückelhahn wrote:
>> Hi list,
>>
>> I've attached a script for extracting information from an IKE service and a
>> patch for ike.lua.
>>
>> The IKE response might contain useful information such as the internal IP
>> address, domain name or username, which the script displays. Also matched
>> vendor IDs are displayed.
>>
>> The ike.lua.patch adds extra functionality to support the extraction (and
>> some minor refactoring).
>>
>> Example outputs:
>>
>> PORT STATE SERVICE REASON VERSION
>> 500/udp open isakmp udp-response SonicWall
>> | ike-info:
>> | Information
>> | ID details
>> | Type
>> | ID_USER_FQDN
>> | Value
>> | DJ-G005
>> | Vendor IDs
>> |_ SonicWall
>>
>> PORT STATE SERVICE REASON
>> 500/udp open isakmp udp-response
>> | ike-info:
>> | Information
>> | ID details
>> | Type
>> | ID_IPV4_ADDR
>> | Value
>> | 10.0.0.99
>> | Vendor IDs
>> | Cisco Unity
>> | XAUTH
>> | Dead Peer Detection v1.0
>> | IKE FRAGMENTATION
>> | Cisco VPN Concentrator 3000 4.0.7
>> |_ Cisco VPN Concentrator 3000
>>
>> Currently there's a minor bug, as both the ike version detection script and
>> ike-info.nse both try to bind to port 500 UDP. Is there a nice way to wait
>> for the port to become available?
>>
>> Regards
>> Jesper Kückelhahn
>> _______________________________________________
>> Sent through the dev mailing list
>> http://nmap.org/mailman/listinfo/dev
>> Archived at http://seclists.org/nmap-dev/
>
> --
> If you don't know there's a        (\`--/') _ _______ .-r-.
> trampoline in the room, you're     >.~.\ `` ` `,`,`. ,'_'~`.
> not going to dust the ceiling for  (v_," ; `,-\ ; : ; \/,-~) \
> fingerprints. -Law & Order:SVU     `--'_..),-/ ' ' '_.>-' )`.`.__.')
> stripes at tigerlair dot com       ((,((,__..'~~~~~~((,__..' `-..-'fL
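An added example, not part of this thread and not the attached ike-info.nse or ike.lua code: a standalone Python sketch of how an Identification payload and Vendor ID payloads can be read out of an ISAKMP response, which is useful for checking what your own VPN gateway discloses to unauthenticated peers. The names parse_ike, build_sample and SAMPLE are hypothetical, the sample packet is constructed and simplified (a real response also carries SA, key exchange and nonce payloads), and the vendor ID table holds only two well-known entries.

```python
import socket
import struct

ID_PAYLOAD, VID_PAYLOAD = 5, 13          # ISAKMP payload type numbers (RFC 2408)
ID_TYPES = {1: "ID_IPV4_ADDR", 2: "ID_FQDN", 3: "ID_USER_FQDN"}  # RFC 2407 subset
KNOWN_VIDS = {  # two well-known vendor IDs; a real table is far larger
    "afcad71368a1f1c96b8696fc77570100": "Dead Peer Detection v1.0",
    "09002689dfd6b712": "XAUTH",
}

def parse_ike(packet: bytes) -> dict:
    """Return ID details and vendor IDs found in an ISAKMP message."""
    if len(packet) < 28:
        raise ValueError("shorter than the 28-byte ISAKMP header")
    next_payload = packet[16]                      # type of the first payload
    total = struct.unpack(">I", packet[24:28])[0]  # length field of the header
    end = min(total, len(packet))
    info = {"id": None, "vendor_ids": []}
    off = 28
    while next_payload != 0 and off + 4 <= end:
        following, _, length = struct.unpack(">BBH", packet[off:off + 4])
        if length < 4 or off + length > end:
            break  # malformed or truncated payload: stop, never read past the end
        body = packet[off + 4:off + length]
        if next_payload == ID_PAYLOAD and len(body) >= 4:
            # body = ID type (1), protocol (1), port (2), identification data
            id_type, data = body[0], body[4:]
            if id_type == 1 and len(data) == 4:
                value = socket.inet_ntoa(data)
            else:
                value = data.decode("ascii", "replace")
            info["id"] = (ID_TYPES.get(id_type, f"type {id_type}"), value)
        elif next_payload == VID_PAYLOAD:
            info["vendor_ids"].append(KNOWN_VIDS.get(body.hex(), body.hex()))
        off += length
        next_payload = following
    return info

def build_sample() -> bytes:
    """Constructed response: one ID payload (10.0.0.99) and two vendor IDs."""
    def payload(nxt, body):
        return struct.pack(">BBH", nxt, 0, 4 + len(body)) + body
    body = payload(13, bytes([1, 17, 0x01, 0xF4]) + socket.inet_aton("10.0.0.99"))
    body += payload(13, bytes.fromhex("09002689dfd6b712"))
    body += payload(0, bytes.fromhex("afcad71368a1f1c96b8696fc77570100"))
    header = b"\x11" * 8 + b"\x22" * 8 + bytes([ID_PAYLOAD, 0x10, 4, 0])
    header += struct.pack(">II", 0, 28 + len(body))  # message ID, total length
    return header + body

SAMPLE = build_sample()
```

Unrecognised vendor IDs are returned as hex strings, and payload types the parser does not handle are skipped by their length field.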
Current thread:
- [NSE] IKE information extraction Jesper Kückelhahn (May 20)
- Re: [NSE] IKE information extraction stripes (May 20)
- Re: [NSE] IKE information extraction Patrik Karlsson (May 20)
- Re: [NSE] IKE information extraction Jesper Kückelhahn (May 21)
- Re: [NSE] IKE information extraction Jesper Kückelhahn (May 21)
- Re: [NSE] IKE information extraction Jesper Kückelhahn (May 22)
- Re: [NSE] IKE information extraction David Fifield (Jun 17)
- Re: [NSE] IKE information extraction Jesper Kückelhahn (May 21)
- Re: [NSE] IKE information extraction Jesper Kückelhahn (May 21)