Nmap Development mailing list archives

Re: Extending ike.lua


From: nnposter <nnposter () users sourceforge net>
Date: Mon, 22 Aug 2016 10:17:34 -0600

Hello Gary,
Would the following quick fix work for you?

Cheers,
nnposter


--- ike.lua.orig        2016-06-27 09:32:58.000000000 -0600
+++ ike.lua     2016-08-22 10:13:22.649792500 -0600
@@ -59,6 +59,10 @@
   ["1024"] = 0x80040002,
   ["1536"] = 0x80040005,
   ["2048"] = 0x0004000E,
+  ["3072"] = 0x0004000F,
+  ["4096"] = 0x00040010,
+  ["6144"] = 0x00040011,
+  ["8192"] = 0x00040012,
 }

 local EXCHANGE_MODE = {
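
Review bot: The four added values (0x0004000F through 0x00040012) copy the 0x0004 prefix of the existing 2048 entry, while the 1024 and 1536 entries just above use 0x8004, so the table now mixes two forms of the upper 16 bits without saying why. In the ISAKMP attribute encoding the top bit of the type field selects the short type/value form, so please confirm that leaving it clear on these entries is intended rather than inherited from the 2048 line. A one-line comment on the table stating that the low 16 bits are the Diffie-Hellman group number (0x0F = group 15 for 3072, and so on) would also answer the question that started the thread.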




On 8/22/16 8:21 AM, Gary Madarm wrote:
I keep hitting false negatives when running ike-version.nse against VPN
hosts that support aggressive mode authentication. I'm not sure if this
is the correct approach but in my attempt to fix the issue, I want to
beef up the ENC_METHODS, AUTH_TYPES, HASH_ALGORITHM and
GROUP_DESCRIPTION tables to more closely match those mentioned in RFC
2409. At the moment I'm stuck on the following table from ike-version.nse:

local GROUP_DESCRIPTION = {
  ["768"]  = 0x80040001,
  ["1024"] = 0x80040002,
  ["1536"] = 0x80040005,
  ["2048"] = 0x0004000E,
}


How does 768 == '0x80040001'? I want to add other groups (e.g. 3072,
4096, 6144) but don't understand how to create the proper (hex?) equivalent.


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
