Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews


LINUX CATEGORIES:



GLOBAL PAGES >>
NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
WEEK'S BEST
  • Linux Kernel 3.9.3 / 3....
  • LibreOffice 3.6.6 / 4.0.3
  • MPlayer 1.1.1
  • systemd 204
  • Arch Linux 2013.05.01
  • Blender 2.67a
  • KDE Software Compilatio...
  • CrunchBang Linux Stable...
  • Elementary OS 0.1 / 0.2...
  • SystemRescueCd 3.6.0
    		•
    Home > Linux > Security

    FakeIKEd 0.0.5
    Download button

    No screenshots available
    Downloads: 839  View global page NEW!  Tell us about an update
    User Rating:
    Rated by:    		 NOT RATED
    0 user(s)
    Developer:

    License / Price:

    Last Updated:

    Category:         		Daniel Roethlisberger | More programs
    BSD License / FREE
    August 4th, 2009, 09:58 GMT
    ROOT / Security

     Read user reviews (0)  Refer to a friend  Subscribe

    FakeIKEd description

    A fake IKE daemon that supports just enough of the standards and Cisco extensions

    Fiked is a fake IKE daemon that supports just enough of the standards and Cisco extensions to attack commonly found insecure Cisco PSK+XAUTH VPN setups in what could be described as a semi-MitM attack.

    Basically, knowing the pre-shared key, also known as shared secret or group password, the VPN gateway can be impersonated in IKE phase 1, in order to learn XAUTH user credentials in phase 2.

    The configuration supported by fiked is IKE aggressive mode using pre-shared keys and XAUTH. FakeIKEd supports algorithms like DES, 3DES, AES128, AES192, AES256, MD5, SHA1, and DH groups 1, 2, and 5. Main mode is not supported.

    Basically, if you know the pre-shared key, also known as shared secret or group password, you can play Man in the Middle, impersonate the VPN gateway in IKE phase 1, and learn XAUTH user credentials in phase 2.

    This attack is not new. It has been known for a long time that IKE using PSK with XAUTH is insecure, and this is not the first actual implementation of the attack.
    To successfully demostrate an attack on a VPN site, you need to know the shared secret, and you must be able to intercept the IKE traffic between the clients and the VPN gateway.

    There are several ways to find out the shared secret, including being a legitimate user, grabbing it from some Cisco config file, using ike-crack, or layer 8 hackery.
    There are also several ways to redirect the IKE traffic to your running fiked instance, including ARP spoofing, 802.11 hostap, or layer 1 hackery.

    Usage:

    Usage: fiked [-rdqhV] -g gateway -k id:psk [-k ...] [-l file] [-L file]
    -r use raw socket: forge source address to match < gateway >
    -d detach from tty and run as a daemon (implies -q)
    -q be quiet, don't write anything to stdout
    -h print help and exit
    -V print version and exit
    -g gw VPN gateway address to impersonate
    -k i:k pre-shared key aka. group password, shared secret, prefixed
    with its group/key id (first -k sets default)
    -l file append results to credential log file
    -L file verbous logging to file instead of stdout


    Product's homepage

      


    TAGS:

    		 IKE daemon | Cisco extensions | SHA1 algorithm | FakeIKEd | IKE | daemon

    Go to top

    WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

    SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
    © 2001 - 2013 Softpedia. All rights reserved.
    Softpedia® and the Softpedia® logo are
    registered trademarks of SoftNews NET SRL.    		 Copyright Information | Privacy Policy | Terms of Use