Sophie

Sophie

distrib > Fedora > 15 > i386 > by-pkgid > 7dc6288baa125aff41f9c80c4ed62370 > files > 8

ike-scan-1.9-10.fc15.i686.rpm

$Id: TODO 9882 2007-01-13 17:15:39Z rsh $

Write custom packet creation code.  This would allow an arbitrary IKE packet
to be created and sent.  The generation rules would be some sort of
specification file as command-line arguments are not flexible enough for this
task.  Probably parse with yacc/lex to avoid having to write C string handling
and pattern matching.  This would override any command-line options that
define the packet such as --aggressive, --auth, --trans, --dhgroup Etc.

Add option for XML output for easier machine readability.

Decode the currently unhandled ID types: ID_IPV6_ADDR, ID_IPV6_ADDR_SUBNET,
ID_IPV6_ADDR_RANGE, ID_DER_ASN1_DN, and ID_DER_ASN1_GN (I've never seen these
used though).

Use Token Bucket algorithm for packet transmission to allow higher output
rates, esp. when minimum select() wait is relatively large.

Allow --trans options to be specified as inclusive ranges.  This would add
a host entry for each transform attribute in the range, which could be used
to determine which attributes a server supports.

Add an option to include all known vendor IDs to the outgoing packet.
Suggested by Max Kosmach.  This would require a more complex structure to
hold the vendor IDs as the current one only contains the pattern to match
which cannot simply be used as the outgoing VendorID as it may contain
metacharacters.

Allow a variable number of packets in the UDP backoff pattern.  Some VPN
servers will return different numbers of packets, but still have a unique
pattern.

Add support for Main Mode PSK cracking using a MitM attack.  Suggested by
Anton Rager.

Allow an id file to be specified, which would contain multiple identities
(usernames).  Each identity would create a separate host entry, with a
pointer to the associated ID so that it could be correctly displayed.

Increase PSK cracking speed by using faster hash functions.  Possibilities
include Jean-Luc Cooke's MD5crk MD5 cores which use SIMD instructions.

Allow sending of zero values for all the various parameters.  For 1 and 2-byte
sized parameters, this can be achieved by using int instead of unsigned and
using -1 to represent the default rather than 0.  For 4-byte values, it
requires a separate flag variable.  Another option is to define a struct like:

struct value {
   int flag;
   unsigned val;
}

Add support for multiple psk-crack processes using MPI for inter-process
communication.  This should enable psk-crack to run much faster on multi-
core CPUs.

Add support for IKE MitM attack, similar to FakeIKEd at
http://www.roe.ch/FakeIKEd

Support custom transforms for IKEv2.

Display notification of NAT-T encapsulation.

Fix alignment problem in display_packet() when payload has an odd size,
resulting in the next payload starting at an odd address.  This causes
bus error on SPARC.

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional