
Internet Key Exchange (IKE) Aggressive Mode Information Disclosure Vulnerability (CVE-2002-1623)



Internet Key Exchange (IKE) protocol enabled services that run in, or support, aggressive mode are prone to an information disclosure vulnerability.

# SPDX-FileCopyrightText: 2021 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

# Registration block: the scanner evaluates the script with `description` set to collect the
# metadata below and exits; the actual check further down runs only on a normal execution.
if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.117575");
  script_version("2024-06-14T05:05:48+0000");
  script_cve_id("CVE-2002-1623");
  script_tag(name:"last_modification", value:"2024-06-14 05:05:48 +0000 (Fri, 14 Jun 2024)");
  script_tag(name:"creation_date", value:"2021-07-23 09:03:46 +0000 (Fri, 23 Jul 2021)");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_tag(name:"cvss_base", value:"5.0");
  script_name("Internet Key Exchange (IKE) Aggressive Mode Information Disclosure Vulnerability (CVE-2002-1623)");
  # ACT_ATTACK: the check actively sends IKE requests to the target (see the vuldetect tag).
  script_category(ACT_ATTACK);
  script_family("General");
  script_copyright("Copyright (C) 2021 Greenbone AG");
  # Runs only after the ISAKMP detection VT has flagged an IKE v1.0 service on a UDP port;
  # the mandatory key is the one that VT sets.
  script_dependencies("gb_ike_isakmp_udp_detect.nasl");
  script_require_udp_ports("Services/udp/isakmp", 500);
  script_mandatory_keys("isakmp/v1.0/udp/detected");

  script_xref(name:"URL", value:"https://www.kb.cert.org/vuls/id/886601");
  script_xref(name:"URL", value:"https://web.archive.org/web/20120203011907/http://www.nta-monitor.com/posts/2003/01/checkpoint-main.html");
  script_xref(name:"URL", value:"https://marc.info/?l=bugtraq&m=103124812629621&w=2");
  script_xref(name:"URL", value:"https://marc.info/?l=bugtraq&m=103176164729351&w=2");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/7423");

  script_tag(name:"summary", value:"Internet Key Exchange (IKE) protocol enabled services running
  in / supporting the aggressive mode are prone to an information disclosure vulnerability.");

  script_tag(name:"vuldetect", value:"Sends IKE aggressive mode connection requests with
  Pre-Shared Key (PSK) authentication enabled and checks the response.");

  script_tag(name:"insight", value:"The design of the IKE protocol, when using Aggressive Mode for
  shared secret authentication (PSK), does not encrypt initiator or responder identities during
  negotiation.

  Please see the references for more technical / background info.");

  script_tag(name:"impact", value:"The flaw may allow remote attackers to determine valid usernames
  by monitoring responses before the password is supplied or sniffing.");

  script_tag(name:"affected", value:"Internet Key Exchange (IKE) protocol enabled services running
  in / supporting the aggressive mode with Pre-Shared Key (PSK) authentication enabled might be
  affected.");

  script_tag(name:"solution", value:"Use an alternative mode and authentication method.

  The IKE protocol provides many options for both connection mode and authentication method, several
  combinations provide identity protection. For example, both Main Mode with shared secret
  authentication and Aggressive Mode with public key authentication provide identity protection.");

  # remote_active: the result is based on a live protocol exchange with the target, not on a
  # version string; the solution is a configuration change (Mitigation), not a vendor fix.
  script_tag(name:"qod_type", value:"remote_active");
  script_tag(name:"solution_type", value:"Mitigation");

  exit(0);
}

include("port_service_func.inc");
include("ike_isakmp_func.inc");
include("host_details.inc");
include("misc_func.inc");
include("byte_func.inc");
include("version_func.inc");
include("dump.inc");
include("pcap_func.inc");
include("list_array_func.inc");

# Target selection: the ISAKMP UDP port found by the detection VT (500 if nothing else is known).
proto = "udp";
port  = service_get_port( default:500, proto:"isakmp", ipproto:proto );

# nb: Only IKE / ISAKMP v1.0 is affected, so stop unless exactly that version was detected
# on this port.
if( ! get_kb_item( "isakmp/v1.0/" + proto + "/" + port + "/detected" ) )
  exit( 0 );

# Our own address is sent as the aggressive mode identity in every request.
this_host = this_host();

# Proposal parameters that are cycled through below. The first four lists are packed into a
# single transform each; dhgroup_list is passed separately to the request packet builder.
auth_method_list     = make_list( "psk" );
encryption_algo_list = make_list( "des", "3des", "aes/128", "aes/192", "aes/256" );
hash_algo_list       = make_list( "md5", "sha1" );
group_desc_list      = make_list( "768", "1024", "1536", "2048", "3072", "4096", "6144", "8192" );
dhgroup_list         = make_list( 1, 2, 5, 14, 15, 16, 17, 18 );

# Builds the report text for an accepted proposal: an intro line followed by a
# "Type | Value" table of the parameters the remote side accepted.
function ike_aggr_proposal_report( auth_method, encryption_algo, hash_algo, group_desc, dhgroup ) {

  local_var auth_method, encryption_algo, hash_algo, group_desc, dhgroup;
  local_var details, txt;

  details = make_array( "Authentication-Method", auth_method,
                        "Encryption-Algorithm", encryption_algo,
                        "Hash-Algorithm", hash_algo,
                        "Group-Description", group_desc,
                        "Diffie Hellman Group", dhgroup );

  txt  = 'The remote host is accepting Aggressive Mode connections with the following proposal:\n\n';
  txt += text_format_table( array:details, sep:" | ", columnheader:make_list( "Type", "Value" ) );
  return txt;
}

# Try every proposal combination; the first one the remote side accepts is reported and
# ends the script. No acceptance at all means "not vulnerable" (exit 99 below).
foreach auth_method( auth_method_list ) {
  foreach encryption_algo( encryption_algo_list ) {
    foreach hash_algo( hash_algo_list ) {
      foreach group_desc( group_desc_list ) {

        # One transform per combination; skip those the helper cannot encode.
        transforms = isakmp_create_transforms_packet_single( encryption_algo:encryption_algo, auth_method:auth_method, hash_algo:hash_algo, group_desc:group_desc, max_transforms:1, current_transform:1 );
        if( ! transforms )
          continue;

        foreach dhgroup( dhgroup_list ) {

          # Fresh initiator SPI per probe; it is handed to isakmp_send_recv as well, presumably
          # so the reply can be matched to this request.
          spi = rand_str( length:8, charset:"abcdefghiklmnopqrstuvwxyz0123456789" );
          request = isakmp_create_request_packet( port:port, ipproto:proto, exchange_type:"Aggressive", transforms:transforms, transforms_num:1, initiator_spi:spi, dhgroup:dhgroup, aggressive_mode_id:this_host );
          if( ! request )
            continue;

          response = isakmp_send_recv( port:port, data:request, initiator_spi:spi, proto:proto, use_pcap:TRUE, debug:FALSE );

          # nb: No reply, or the explicit rejection string a few IKE implementations return.
          if( ! response )
            continue;
          if( "Could not find acceptable proposal" >< response )
            continue;

          # nb: isakmp_send_recv already drops replies with a length < 28, so the header fields
          # at offset 16 (next payload) and 18 (exchange type) can be read without a further
          # length check here.
          next_payload  = response[16];
          exchange_type = response[18];
          if( isnull( next_payload ) || isnull( exchange_type ) )
            continue;

          # Only an SA payload inside an Aggressive exchange counts as an accepted proposal.
          if( next_payload != PAYLOADS_RAW["Security Association"] )
            continue;
          if( exchange_type != EXCHANGE_TYPES_RAW["Aggressive"] )
            continue;

          # nb:
          # - Store the reference from this one to gb_ike_isakmp_udp_detect.nasl to show a
          #   cross-reference within the reports
          # - get_app_* functions are intentionally not used as only the cross-reference is
          #   needed here
          register_host_detail( name:"detected_by", value:"1.3.6.1.4.1.25623.1.0.117461" ); # gb_ike_isakmp_udp_detect.nasl
          register_host_detail( name:"detected_at", value:port + "/udp" );

          security_message( port:port, proto:proto, data:ike_aggr_proposal_report( auth_method:auth_method, encryption_algo:encryption_algo, hash_algo:hash_algo, group_desc:group_desc, dhgroup:dhgroup ) );
          exit( 0 );
        }
      }
    }
  }
}

exit( 99 );
