A variation of the IKE-SCAN user guide's transforms discovery script, adding a few features. Handshakes can be done in Main or Aggressive Modes. For Aggresive Mode, a custom group ID can be given. Targets can be specified as a single IP, or an input file of multiple IPs.
Changes:
- Added a (default) check for INVALID-ID-RESPONSE, which stops checking that host if that response is received. Added the --no-id-check option to disable that behavior. Ideally, a host that gives INVALID-ID-RESPONSE with Aggressive Mode handshakes should be checked for working transforms in Main Mode, and then tested with
ike-forceby Spider Labs to identify working group IDs.