Exploit IKE - Aggressive Mode Shared Secret Hash Leakage

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
22532
Проверка EDB
  1. Пройдено
Автор
JOHN PLIAM
Тип уязвимости
REMOTE
Платформа
HARDWARE
CVE
null
Дата публикации
1999-10-02
Код:
source: https://www.securityfocus.com/bid/7423/info

When a VPN is configured to use a pre-shared master secret and a client attempts to negotiate keys in aggressive mode, a hash of the secret is transmitted across the network in clear-text. This may result in the hash being leaked to eavesdroppers or malicious clients. An offline brute-force attack on this hash may then be performed to obtain the clear-text secret. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/22532.tar.gz
 
Источник
www.exploit-db.com

Похожие темы