fIKEd

Description

FakeIKEd, or fiked for short, is a fake IKE daemon supporting just enough of the standards and Cisco extensions to attack commonly found insecure Cisco VPN PSK+XAUTH based IPsec authentication setups in what could be described as a semi MitM attack. Fiked can impersonate a VPN gateway’s IKE responder in order to capture XAUTH login credentials; it doesn’t currently do the client part of full MitM.

Usage

Syntax

fiked [-rdqhV] -g gw -k id:psk [-k ..] [-u user] [-l file] [-L file]

Options

        -r	use raw socket: forge ip src addr to match <gateway> (disables -u)
	-d	detach from tty and run as a daemon (implies -q)
	-q	be quiet, don't write anything to stdout
	-h	print help and exit
	-V	print version and exit
	-g gw	VPN gateway address to impersonate
	-k i:k	pre-shared key aka. group password, shared secret, prefixed
		with its group/key id (first -k sets default)
	-u user	drop privileges to unprivileged user account
	-l file	append results to credential log file
	-L file	verbous logging to file instead of stdout

Example

cyborg@cyborg:~$ sudo fiked -g 192.168.1.5 -k ztrela:trendztrela
[sudo] password for cyborg: 
[2015-11-17 13:12:17 +0530] [9589] fiked-0.0.5 started (500/udp)
0 Comments

Leave a reply

CONTACT US

We're are building as a community and a team. Be a part of it.

Sending

©2017 Ztrela Knowledge Solutions Pvt. Ltd

Log in with your credentials

Forgot your details?