Re: Extending ike.lua

[nnposter <nnposter () users sourceforge net>]

Hello Gary,
There appears to be a bug in ike.lua. Please set the leading octet for
all the values to "8":

  ["1024"] = 0x80040002,
  ["1536"] = 0x80040005,
  ["2048"] = 0x8004000E,
  ["3072"] = 0x8004000F,
  ["4096"] = 0x80040010,
  ["6144"] = 0x80040011,
  ["8192"] = 0x80040012,

If you care about the details then take a look at
https://github.com/nmap/nmap/issues/523.

Cheers,
nnposter


On 8/22/16 1:50 PM, Gary Madarm wrote:
> On Mon, Aug 22, 2016 at 7:17 PM, nnposter
> <nnposter () users sourceforge net <mailto:nnposter () users sourceforge net>>
> wrote:
>
>     Hello Gary,
>     Would the following quick fix work for you?
>
>
> Thanks nnposter! Can you explain how to calculate those values? I want
> to make sure the values I inserted in the other tables are correct as well.
>
> Unfortunately, even with the additions, I still can't get
> ike-version.nse to properly detect certain VPN servers that support
> aggressive mode authentication. I attached my updated ike.lua and
> ike-version.nse files. Can anyone help me debug? If it helps I can
> provide the IP of a couple of servers I know support aggressive mode but
> are not detected with nmap.
>
> - G
>  
>
>     Cheers,
>     nnposter
>
>
>     --- ike.lua.orig        2016-06-27 09:32:58.000000000 -0600
>     +++ ike.lua     2016-08-22 10:13:22.649792500 -0600
>     @@ -59,6 +59,10 @@
>        ["1024"] = 0x80040002,
>        ["1536"] = 0x80040005,
>        ["2048"] = 0x0004000E,
>     +  ["3072"] = 0x0004000F,
>     +  ["4096"] = 0x00040010,
>     +  ["6144"] = 0x00040011,
>     +  ["8192"] = 0x00040012,
>      }
>
>      local EXCHANGE_MODE = {
>
>
>
> _______________________________________________
> Sent through the dev mailing list
> https://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/