Can ike-scan be used to detect the cisco asa ike buffer overflow? #17
Comments
Do you have the CVE number or some reference to the vulnerability?
https://blog.exodusintel.com/2016/02/10/firewall-hacking/ CVE-2016-1287 I would just like to verify that the vulnerability is present somehow..... And thank you very much for checking my request !!!
Thanks for the link. I think the ike-scan code could be adapted to check for this, but the current options can't generate a packet that will check this. The exploit relies on the server mishandling IKE fragmentation, which isn't something that ike-scan does at the moment. It would be possible to add this functionality, and the IKE packet generation code is in isakmp.c. But you may find it easier to craft a packet using scapy or another packet crafting tool. If I get time I may look into this, but I don't spend a lot of time working on ike-scan nowadays. Of course, a pull request would be gratefully received :-)
Thank you very much for your time to check this out. I think I may give isakmp.c a try....
@dimpol another packet crafting option is PacketFu - https://github.com/packetfu/packetfu (a scapy-like alternative that is supported in Metasploit) |
Hi,
Any ideas on how ike-scan can be configured to detect the cisco asa ike buffer overflow?