-
Notifications
You must be signed in to change notification settings - Fork 59
/
check-psk-crack-2
executable file
·131 lines (130 loc) · 4.7 KB
/
check-psk-crack-2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
#!/bin/sh
# The IKE Scanner (ike-scan) is Copyright (C) 2003-2007 Roy Hills,
# NTA Monitor Ltd.
#
# This file is part of ike-scan.
#
# ike-scan is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# ike-scan is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with ike-scan. If not, see <http://www.gnu.org/licenses/>.
#
# Author: Roy Hills
# Date: 19 November 2004
#
# This shell script checks that psk-crack works for MD5 and SHA1 based
# hashes.
#
TMPFILE=/tmp/ike-scan-test.$$.tmp
MD5PSK=/tmp/md5-psk.$$.tmp
SHA1PSK=/tmp/sha1-psk.$$.tmp
DICTFILE=/tmp/ike-dict-file.$$.tmp
# Create PSK parameter files with known pre-shared keys.
# These parameters were generated using ike-scan 1.6.4 and Checkpoint
# Firewall-1 NG AI R54. In both cases, the pre-shared key is "abc123"
echo "5c7916ddf8db4d233b3b36005bb3ccc115a73807e11a897be943fd4a2d0f942624cb00588d8b3a0a26502b73e639df217ef6c4cb90f96b0a3c3ef2f62ed025b4a705df9de65e33e380c1ba5fa23bf1f9911bbf388d0844256fa0131fc5cf8acb396936ba3295b4637b039d93f58db90a3a1cf1ef5051103bacf6e1a3334f9f89:fde8c68c5f324c7dbcbadde1d757af6962c63496c009f77cad647f2997fd4295e50821453a6dc2f6279fd7fef68768584d9cee0da6e68a534a097ce206bf77ecc798310206f3f82d92d02c885794e0a430ceb2d6b43c2aff45a6e14c6558382df0692ff65c2724eef750764ee456f31424a5ebd9e115d826bbb9722111aa4e01:b2a3c7aa4be95e85:756e3fa11c1b102c:00000001000000010000002c01010001000000240101000080010001800200018003000180040002800b0001000c000400007080:01000000ac100202:251d7ace920b17cb34f9d561bca46d037b337d19:e045819a64edbf022620bff3efdb935216584cc4:b9c594fa3fca6bb30a85c4208a8df348" > $MD5PSK
echo "9bdee7aa341cf1a6c19bc0191106b5056537ce6b837cd70678ea5a3ccb606b56dee4548feb67f24fd6f4d5f58967a9ff3c674d9d79e4195b7def5aac147c9fe9abdc2f8ba2eca58f4c863fedc7a8c8e1ad6e1551b1e44bf9a0e258561a5db1c2ca1e8b5dfda1b012012b6fdf24ecd07da6b10d76ab3b58d07b30b4f9da26aee4:c9b7ef0610a22b3e1c88b1a01ce4d4110edf6baa122ed1285eb2184cd75d30a11520a725c2d263de5a157f77f953880732f3b14521836d7f3585cb0ce3fcadf81c541dde2680bd81953cf88e8f8096c173470694ca7414fff9df0cdcdbb9d4f70ef1d6347293b507cfad965e2d2c1fa07326353e9a493d93284970040344fb11:3506592130312567:6c362583ce7a2a26:00000001000000010000002c01010001000000240101000080010001800200028003000180040002800b0001000c000400007080:01000000ac100202:84943233f42a0b5a9b33c327162fe0efee2545e4:76f451dce3fea6402b67f3fddae561ebdb4a6efe:f63f237b3c0f1fe57a5b852203cfd27cbf0c78d4" > $SHA1PSK
#
# Create dictionary file
echo "notthisone" > $DICTFILE
echo "NotThisOne" >> $DICTFILE
echo "NextOne" >> $DICTFILE
echo "abc123" >> $DICTFILE
echo "xyz123" >> $DICTFILE
#
echo "Checking psk-crack bruteforce with MD5 hash ..."
./psk-crack --bruteforce=6 --charset=abc123 $MD5PSK >$TMPFILE
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $MD5PSK
rm -f $SHA1PSK
echo "FAILED"
exit 1
fi
grep '^key "abc123" matches MD5 hash ' $TMPFILE >/dev/null
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $MD5PSK
rm -f $SHA1PSK
echo "FAILED"
exit 1
fi
echo "ok"
#
echo "Checking psk-crack bruteforce with SHA1 hash ..."
./psk-crack --bruteforce=6 --charset=abc123 $SHA1PSK > $TMPFILE
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $MD5PSK
rm -f $SHA1PSK
echo "FAILED"
exit 1
fi
grep '^key "abc123" matches SHA1 hash ' $TMPFILE >/dev/null
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $MD5PSK
rm -f $SHA1PSK
echo "FAILED"
exit 1
fi
echo "ok"
#
echo "Checking psk-crack dictionary with MD5 hash ..."
./psk-crack --dictionary=$DICTFILE $MD5PSK >$TMPFILE
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $MD5PSK
rm -f $SHA1PSK
echo "FAILED"
exit 1
fi
grep '^key "abc123" matches MD5 hash ' $TMPFILE >/dev/null
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $MD5PSK
rm -f $SHA1PSK
echo "FAILED"
exit 1
fi
echo "ok"
#
echo "Checking psk-crack dictionary with SHA1 hash ..."
./psk-crack --dictionary=$DICTFILE $SHA1PSK > $TMPFILE
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $MD5PSK
rm -f $SHA1PSK
echo "FAILED"
exit 1
fi
grep '^key "abc123" matches SHA1 hash ' $TMPFILE >/dev/null
if test $? -ne 0; then
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $MD5PSK
rm -f $SHA1PSK
echo "FAILED"
exit 1
fi
echo "ok"
#
rm -f $TMPFILE
rm -f $DICTFILE
rm -f $MD5PSK
rm -f $SHA1PSK