Internet Key Exchange (IKE) is the protocol used to set up a security association in the IPsec protocol suite. IKE uses a Diffie-Hellman key exchange to set up a shared session secret, from which cryptographic keys are derived.
Now that you know what IKE is, it is easier to understand what FakeIKEd is. It is a fake IKE daemon which supports the standards and Cisco extensions to attack commonly found insecure Cisco PSK+XAUTH VPN setups. This can be considered a semi-MiTM attack: "semi" because it does not yet emulate the client part. It can impersonate a VPN gateway’s IKE responder in order to capture XAUTH login credentials.
It is partially based on vpnc and uses libgcrypt and optionally libnet. It supports IKEv1 in aggressive mode, using pre-shared keys and XAUTH. Supported algorithms are DES, 3DES, AES-128, AES-192, AES-256; MD5, SHA1; and DH groups 1, 2 and 5. IKE main mode is not supported.
It has been reported to work on FreeBSD, OpenBSD and Linux operating systems.
Download its latest version 0.0.4 here.
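A defensive check for the setup described above, added here as an example and not taken from FakeIKEd or the original page: it parses the cleartext first message of an IKEv1 handshake and reports whether aggressive mode is in use with a pre-shared-key authentication method on offer. The function names and the sample message are constructed for illustration; the numeric constants come from RFC 2408, RFC 2409 and the XAUTH draft.

```python
import struct

AGGRESSIVE, AUTH_METHOD = 4, 3       # ISAKMP exchange type (RFC 2408), IKE attribute class (RFC 2409)
PSK, XAUTH_INIT_PSK = 1, 65001       # auth method values; 65001 = XAUTHInitPreShared (XAUTH draft)

def attrs(buf):
    """Yield (class, value) for each data attribute of a transform."""
    i = 0
    while i + 4 <= len(buf):
        t, v = struct.unpack_from("!HH", buf, i)
        basic = t & 0x8000                   # AF=1: v is the value; AF=0: v is a length
        yield t & 0x7FFF, v if basic else int.from_bytes(buf[i + 4:i + 4 + v], "big")
        i += 4 if basic else 4 + v

def offered_auth(sa):
    """Authentication methods offered in one SA payload (generic header included)."""
    found, off = set(), 12                   # skip generic header, DOI, situation
    while off + 8 <= len(sa):                # each proposal
        plen, spi, ntrans = struct.unpack_from("!2xH2xBB", sa, off)
        t, end = off + 8 + spi, min(off + plen, len(sa))
        for _ in range(ntrans):              # each transform
            tlen = struct.unpack_from("!H", sa, t + 2)[0] if t + 8 <= end else 0
            found |= {v for c, v in attrs(sa[t + 8:min(t + tlen, end)]) if c == AUTH_METHOD}
            t += max(tlen, 8)                # always advance, even on a bad length
        off += max(plen, 8)
    return found

def classify(pkt):
    """Return (is_aggressive, auth_methods) for a cleartext IKEv1 message, else None."""
    if len(pkt) < 28 or pkt[17] >> 4 != 1 or pkt[19] & 1:   # short, not IKEv1, encrypted
        return None
    nxt, exch, off, auth = pkt[16], pkt[18], 28, set()
    while nxt and off + 4 <= len(pkt):       # walk the payload chain
        cur, (nxt, plen) = nxt, struct.unpack_from("!BxH", pkt, off)
        if cur == 1:                         # SA payload
            auth |= offered_auth(pkt[off:off + plen])
        off += max(plen, 4)
    return exch == AGGRESSIVE, auth

def exposed(pkt):                            # aggressive mode offering PSK or XAUTH+PSK
    mode = classify(pkt)
    return bool(mode and mode[0] and mode[1] & {PSK, XAUTH_INIT_PSK})

def sample(exch, auth):                      # constructed message (not a capture)
    tv = b"".join(struct.pack("!HH", 0x8000 | c, v) for c, v in ((1, 7), (2, 2), (3, auth), (4, 2)))
    tr = struct.pack("!BBHBBH", 0, 0, 8 + len(tv), 1, 1, 0) + tv
    pr = struct.pack("!BBHBBBB", 0, 0, 8 + len(tr), 1, 1, 0, 1) + tr
    sa = struct.pack("!BBHII", 0, 0, 12 + len(pr), 1, 1) + pr
    return struct.pack("!8s8sBBBBII", b"A" * 8, bytes(8), 1, 0x10, exch, 0, 0, 28 + len(sa)) + sa
```

Pass it the UDP payload of port 500 traffic; for IKE carried on UDP 4500, strip the four-byte non-ESP marker first.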