Nmap ike-version NSE Script
This page contains detailed information about how to use the ike-version NSE script. For list of all NSE scripts, visit the Nmap NSE Library.
| Select: |
|---|
Script Overview
Script source code: https://github.com/nmap/nmap/tree/master/scripts/ike-version.nse
Script categories: default, discovery, safe, version
Target service / protocol: isakmp, udp
Target network port(s): 500
List of CVEs: -
Script Description
The ike-version.nse script obtains information (such as vendor and device type where available) from an IKE service by sending four packets to the host. This scripts tests with both Main and Aggressive Mode and sends multiple transforms per request.
Ike-version NSE Script Arguments
The ike-version.nse script does not have any arguments.
Ike-version NSE Script Example Usage
Here's an example of how to use the ike-version.nse script:
nmap -sU -sV -p 500 <target>
nmap -sU -p 500 --script ike-version <target>
Ike-version NSE Script Example Output
Here's a sample output from the ike-version.nse script:
PORT STATE SERVICE REASON VERSION
500/udp open isakmp udp-response Fortinet FortiGate v5
| ike-version:
| vendor_id: Fortinet FortiGate v5
| attributes:
| Dead Peer Detection v1.0
|_ XAUTH
Service Info: OS: Fortigate v5; Device: Network Security Appliance; CPE: cpe:/h:fortinet:fortigate
Ike-version NSE Script Example XML Output
Here's a sample XML output from the ike-version.nse script produced by providing the -oX <file> Nmap option:
<elem key="vendor_id">Fortinet FortiGate v5</elem>
<table key="unmatched_ids">
<elem>1234567890abcdef</elem>
</table>
<table key="attributes">
<elem>Dead Peer Detection v1.0</elem>
<elem>XAUTH</elem>
</table>
Author
- Jesper Kueckelhahn
References
- https://nmap.org/nsedoc/scripts/ike-version.html
- https://github.com/nmap/nmap/tree/master/scripts/ike-version.nse
See Also
Visit Nmap NSE Library for more scripts.
The ike-version.nse script may fail with the following error messages. Check for the possible causes by using the code snippets highlighted below found in the script source code. This can often times help in identifying the root cause of the problem.
Aggressive mode (dh 2) failed
Here is a relevant code snippet related to the "Aggressive mode (dh 2) failed" error message:
75: packet = ike.request(port.number, port.protocol, 'Aggressive', t, diffie, 'vpngroup')
76: version = ike.send_request(host, port, packet)
77: if version.success then
78: return version
79: end
80: stdnse.debug1("Aggressive mode (dh 2) failed")
81:
82: -- try aggressive mode (diffie hellman group 1)
83: diffie = 1
84: stdnse.debug1("Sending Aggressive mode packet ...")
85: packet = ike.request(port.number, port.protocol, 'Aggressive', t, diffie, 'vpngroup')
Aggressive mode (dh 1) failed
Here is a relevant code snippet related to the "Aggressive mode (dh 1) failed" error message:
85: packet = ike.request(port.number, port.protocol, 'Aggressive', t, diffie, 'vpngroup')
86: version = ike.send_request(host, port, packet)
87: if version.success then
88: return version
89: end
90: stdnse.debug1("Aggressive mode (dh 1) failed")
91:
92: -- try aggressive mode (diffie hellman group 2, no id)
93: -- some checkpoint devices respond to this
94: local diffie = 2
95: stdnse.debug1("Sending Aggressive mode packet ...")
Aggressive mode (dh 2, no id) failed
Here is a relevant code snippet related to the "Aggressive mode (dh 2, no id) failed" error message:
96: packet = ike.request(port.number, port.protocol, 'Aggressive', t, diffie, '')
97: version = ike.send_request(host, port, packet)
98: if version.success then
99: return version
100: end
101: stdnse.debug1("Aggressive mode (dh 2, no id) failed")
102:
103: -- try main mode
104: stdnse.debug1("Sending Main mode packet ...")
105: packet = ike.request(port.number, port.protocol, 'Main', t, '')
106: version = ike.send_request(host, port, packet)
Main mode failed
Here is a relevant code snippet related to the "Main mode failed" error message:
105: packet = ike.request(port.number, port.protocol, 'Main', t, '')
106: version = ike.send_request(host, port, packet)
107: if version.success then
108: return version
109: end
110: stdnse.debug1("Main mode failed")
111:
112: stdnse.debug1("Version detection not possible")
113: return false
114: end
115:
Version
This page has been created based on Nmap version 7.92.
Go back to menu.
