
IPSec and PPTP VPN Exploits

A thesis submitted in Partial Fulfillment of the Requirements

For the Degree of Bachelor of Science

At Minnesota State University, Mankato

by Ralph J. Notaro

May 2011

Abstract

Regardless of how secure or encrypted a virtual private network (VPN) connection is, there are typically ways hackers can find out what kind of VPN the victim is using and then perform some sort of exploit to gain access to the system. This paper focuses on exploiting two different VPN protocols, internet protocol security (IPSec) and point-to-point tunneling protocol (PPTP). The first exploit performed is penetration testing of an IPSec VPN during the internet key exchange (IKE). The second exploit uses a man-in-the-middle attack on a PPTP VPN server to determine the victim’s user ID and password. Finally, this paper concludes by discussing techniques that can help prevent these kinds of attacks.

Background

Many businesses these days want the ability to extend their domain and influence by putting up offices and work sites in different areas around the country or even around the world. A VPN can help connect these remote locations into a uniform network in which the locations act as though they are right next to each other, enabling them to share information as if on a local area network (LAN). A VPN can provide reliable communication and the ability to send and receive information faster than over the direct internet; most importantly, it provides a secure way of handling the communication that is passed along.

Because a VPN uses the shared public network of the internet, it must have security and encryption measures in place so that hackers and other unauthorized third parties do not obtain the information relayed through this “virtual” conduit. This “virtual” tunnel through the internet is only seen by the sender and the recipient. When a transmission occurs, the message being sent to the receiver is wrapped inside a protective shell that is encrypted and cannot be intercepted by other users on the internet. This is what makes it secure and allows the computers to appear to be on a local network. This tunneling technology has several different protocols to choose from when setting up a VPN; the most popular ones are IPSec, PPTP, and L2TP (Mitchell). With these different VPN protocols come concerns about how secure the network is, and questions arise as to what exploits hackers can use to potentially steal credentials and data. There are several different encryption protocol solutions that a person or corporation may choose from, depending on what features and security measures they wish to incorporate on their network.

There are a few different ways hackers can get inside a VPN network. One method is penetration testing, which allows the hacker to find out what type of VPN the victim is using and whether the system has any vulnerabilities that can be exploited. These include the type of VPN software being used, the ports the VPN is using, and whether any default accounts are in use (Belani & Mookhey, 2005). Penetration testing will only work on select VPN tunneling protocols.

Another method of exploitation is a man-in-the-middle attack. An attacker acts as a relay, sending and receiving messages so that the victims believe they are talking to each other when in reality they are not. In the case of VPN security, the attacker can reroute the connection by using IP spoofing or ARP spoofing, which essentially consists of fake packets created by the hacker that take the place of the actual sender’s packets, thereby forging the sender’s identity.

IPSec Overview

The IPSec protocol provides authentication and encryption for each packet and exists in the network layer of the OSI model. IPSec VPNs are made up of three different security components which form a suite. The first security protocol is the authentication header (AH), which protects the IP packet header by applying a cryptographic checksum that is calculated and transmitted with every packet. The checksum is there to ensure the packet is authenticated and traverses the internet without being tampered with by a third party. When the receiver acquires the packet the checksum is calculated again; if any changes were made to the packet it is thrown out and retransmitted. The encapsulating security payload (ESP) is another security measure that uses encryption algorithms to protect the IP packet contents of the message being sent over the internet (Pandya, 2011). The third component of IPSec VPNs is the internet key exchange (IKE), which is crucial for AH and ESP because it handles the secure exchange of the secret key between the two parties. IKE can run in two different modes, Main Mode and Aggressive Mode. Main Mode IKE uses the Diffie-Hellman key exchange, which generates a shared secret key to send and receive data over a network between two parties. IKE Aggressive Mode does not use the Diffie-Hellman exchange, making it easier for someone to potentially exploit the system and capture sensitive data (Belani & Mookhey, 2005).

IPSec Penetration Test

Now that some of the basics of IPSec VPNs have been outlined it is time to attempt an IPSec penetration test. The purpose of this test is to find out if there are any exploits that an attacker could use to get into the VPN system. The only piece of information this test requires is the VPN server’s IP address. This section of the paper outlines what IPSec is and how ike-scan, a command-line tool, can be used to fingerprint the VPN server.

If the IP address of the server is known, the default standard ports of various VPN implementations can be tried. Using a port scanner to do this is another option for determining whether a VPN server is present. It is important to find the type of VPN instance running as well as the port in order to direct a focused attack at that type of VPN implementation. The default port for IPSec VPN is UDP 500. For other VPN implementations, referencing lists of default VPN ports on the internet could help determine what VPN software is running on those servers. When the type of VPN is determined, the next step is to figure out the VPN vendor and version number of the server. For the rest of this section assume an IPSec VPN implementation is being used. In the case of IPSec, a tool called ike-scan (Hills, 2009) may be utilized to “fingerprint” the VPN server by analyzing specific values in the IP packets and comparing them to a signature database that the tool can reference. If it finds a close match, it will make a guess as to what the implementation is and return it to the attacker. If a hacker is able to successfully obtain this information they can then find exploits specifically directed toward that VPN implementation (Belani & Mookhey, 2005). One situation where this is useful is when the hacker finds out that the VPN server is running an older version of the software and updates that correct certain security risks have not been applied; the hacker can then use those exploits to their advantage because the VPN administrator failed to update the software.

Ike-scan can be used to identify what kind of VPN software the server is utilizing. The tool was developed by NTA Monitor and is free to download from their website [1]. By default ike-scan sends a packet with a Security Association (SA) payload that contains eight transforms. Each of these transforms has a set of attributes; the VPN server is probed to see whether it accepts the packet configuration and responds with a message. A transform is made up of the following types of attributes: encryption algorithm, hash algorithm, authentication method, and Diffie-Hellman group. There are quite a number of different transforms that can be tried, such as DES and AES encryption; MD5 and SHA1 hash algorithms; and PSK and RSA authentication. The tables listed below can be found at NTA Monitor’s website in the ike-scan user guide wiki.

Value  Encryption Algorithm  Comments
1      DES                   Common
2      IDEA                  Very rare
3      Blowfish              Rare
4      RC5                   Very rare
5      Triple DES            Common
6      CAST                  Rare
7      AES                   Common on modern systems; three key lengths: 128, 192 and 256
8      Camellia              Very rare

Figure 1: Table of encryption algorithms (Hills, 2009).

Value  Hash Algorithm  Comments
1      MD5             Common
2      SHA1            Common
3      Tiger           Rare
4      SHA2-256        Rare
5      SHA2-384        Rare
6      SHA2-512        Rare

Figure 2: Table of hash algorithms (Hills, 2009).

[1] Ike-scan download link: http://www.nta-monitor.com/tools/ike-scan/

Value  Authentication Method       Comments
1      Pre-Shared Key              Common
2      DSS Signature               Rare
3      RSA Signature               Common
4      RSA Encryption              Rare
5      Revised RSA Encryption      Rare
6      ElGamal Encryption          Rare
7      Revised ElGamal Encryption  Rare
8      ECDSA Signature             Rare
64221  Hybrid Mode                 Common on Checkpoint systems
65001  XAUTH                       Common on remote access systems

Figure 3: Table of authentication methods (Hills, 2009).

Value  Diffie-Hellman Group  Comments
1      MODP 768              Common
2      MODP 1024             Common
3      EC2N 155              Rare
4      EC2N 185              Rare
5      MODP 1536             Common
6      EC2N 163              Rare
7      EC2N 163              Rare
8      EC2N 183              Rare
9      EC2N 183              Rare
10     EC2N 409              Rare
11     EC2N 409              Rare
12     EC2N 571              Rare
13     EC2N 571              Rare
14     MODP 2048             Rare
15     MODP 3072             Rare
16     MODP 4096             Rare
17     MODP 6144             Rare
18     MODP 8192             Rare

Figure 4: Table of Diffie-Hellman groups (Hills, 2009).

With the ike-scan tool, options can be passed on the command line to specify the different transforms to use. The values of these transforms and the command-line syntax used with the tool are outlined in the ike-scan user guide. The purpose of trying these different transforms is to see whether a response is generated, which first determines whether there even is a VPN server present at the specified destination address. The tool can also be used to determine the presence of a firewall. If a VPN server is active it will send a notify response back to the attacker (Hills, 2009).

The next step is to get an IKE handshake response from the server if the attacker did not get one during the identification stage. This can be done by trial and error, using different transforms and authentication methods again in order to obtain more information about the VPN server. Once a handshake is received the attacker can take note of the specific transform that produced it and use that for future scans.

After the IKE handshake the attacker proceeds to fingerprinting the VPN server. The ike-scan tool fingerprints over UDP, which offers no reliable delivery, so the server must handle retransmission itself. Ike-scan uses a retransmission backoff strategy: the tool sends the acceptable IKE handshake to the server but then does not reply to the server’s responses. This makes the server keep resending the packet to the attacker until it gets a response. The attacker can take note of the time difference between each packet sent by the server. Using this method they can figure out the server’s backoff strategy, which in turn helps fingerprint the server. If done successfully the attacker will get the vendor ID, model and product type of the VPN server. Knowing this information the attacker can reference the vendor ID and model against a list of VPN software to find out what the victim’s VPN server is running (Hills, 2009).

Another exploitation a hacker can use applies when the IPSec server uses a pre-shared key (PSK) for authentication: it may then be possible to force the server from main mode into aggressive mode. Putting the VPN server in aggressive mode would allow the authentication hash to be delivered in clear text. Having the authentication hash would allow a hacker to use a brute force or dictionary attack and recover the PSK. IKEProbe is a tool that can be used to find vulnerabilities in a VPN environment using PSK for authentication (Belani & Mookhey, 2005).
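The transform tables and the Aggressive Mode/PSK point above can be made concrete from the defender's side: the following added example (not code from the thesis or from ike-scan) decodes the ISAKMP SA payload that ike-scan's `--trans=enc,hash,auth,group` option fills in, names the attribute values using the ike-scan tables, and flags the offers a VPN administrator would want to retire. The packets it decodes are constructed inline by `build_probe()`; nothing is sent to any host.

```python
"""Passive decoder for IKEv1 Phase 1 proposals, with weak-offer warnings.

Added example, not code from the thesis or from ike-scan. It reads the ISAKMP SA
payload that ike-scan's --trans=enc,hash,auth,group option fills in (RFC 2408
framing, RFC 2409 attribute types), names the values with the ike-scan tables
above, and flags Aggressive Mode offers with PSK authentication, the case the text
describes. build_probe() only constructs sample input; nothing is sent anywhere.
"""
import struct

# Attribute value names from the ike-scan user guide tables (Figures 1 to 4).
ENCRYPTION = {1: "DES", 2: "IDEA", 3: "Blowfish", 4: "RC5", 5: "Triple DES",
              6: "CAST", 7: "AES", 8: "Camellia"}
HASH = {1: "MD5", 2: "SHA1", 3: "Tiger", 4: "SHA2-256", 5: "SHA2-384", 6: "SHA2-512"}
AUTH = {1: "Pre-Shared Key", 2: "DSS Signature", 3: "RSA Signature", 4: "RSA Encryption",
        5: "Revised RSA Encryption", 8: "ECDSA Signature", 64221: "Hybrid Mode", 65001: "XAUTH"}
GROUP = {1: "MODP 768", 2: "MODP 1024", 5: "MODP 1536", 14: "MODP 2048"}
EXCHANGE = {2: "Main Mode", 4: "Aggressive Mode"}
# Phase 1 attribute types (RFC 2409, Appendix A) and ISAKMP payload types (RFC 2408).
ATTR_ENC, ATTR_HASH, ATTR_AUTH, ATTR_GROUP = 1, 2, 3, 4
PAYLOAD_SA, PAYLOAD_PROPOSAL, PAYLOAD_TRANSFORM = 1, 2, 3
NAMES = {ATTR_ENC: ("enc", ENCRYPTION), ATTR_HASH: ("hash", HASH),
         ATTR_AUTH: ("auth", AUTH), ATTR_GROUP: ("group", GROUP)}

def build_probe(transforms, exchange_type=2):
    """Construct a Phase 1 packet offering (enc, hash, auth, group) tuples in the
    order ike-scan's --trans option lists them. Constructed test input only."""
    tbody = b""
    for i, values in enumerate(transforms):
        attrs = b"".join(struct.pack("!HH", 0x8000 | t, v) for t, v in zip(NAMES, values))
        nxt = PAYLOAD_TRANSFORM if i < len(transforms) - 1 else 0
        # transform payload: next, reserved, length, transform#, id KEY_IKE(1), reserved
        tbody += struct.pack("!BBHBBH", nxt, 0, 8 + len(attrs), i + 1, 1, 0) + attrs
    # proposal: next, reserved, length, proposal#, protocol ISAKMP(1), SPI size 0, #transforms
    prop = struct.pack("!BBHBBBB", 0, 0, 8 + len(tbody), 1, 1, 0, len(transforms)) + tbody
    # SA payload: next, reserved, length, DOI IPsec(1), situation identity-only(1)
    sa = struct.pack("!BBHII", 0, 0, 12 + len(prop), 1, 1) + prop
    # ISAKMP header: cookies, next payload SA, version 1.0, exchange, flags, msg id, length
    hdr = struct.pack("!8s8sBBBBII", b"\x11" * 8, b"\x00" * 8, PAYLOAD_SA, 0x10,
                      exchange_type, 0, 0, 28 + len(sa))
    return hdr + sa

def _parse_attrs(number, attrs):
    """Decode one transform's attribute list into a named dict."""
    t, off = {"number": number}, 0
    while off + 4 <= len(attrs):
        atype, avalue = struct.unpack("!HH", attrs[off:off + 4])
        # TV form (high bit set): the 2 bytes read are the value. TLV form: they are a length.
        off += 4 if atype & 0x8000 else 4 + avalue
        key = atype & 0x7FFF
        if atype & 0x8000 and key in NAMES:
            name, table = NAMES[key]
            t[name] = table.get(avalue, "unknown(%d)" % avalue)
    return t

def _walk_proposals(data):
    """Walk the proposal/transform chain inside an SA payload body."""
    out, off, nxt = [], 0, PAYLOAD_PROPOSAL
    while nxt == PAYLOAD_PROPOSAL and off + 8 <= len(data):
        nxt, _r, plen, _num, _proto, spi_size, ntrans = struct.unpack("!BBHBBBB", data[off:off + 8])
        toff = off + 8 + spi_size
        for _ in range(ntrans):
            _tn, _r, tlen, tnum, _tid, _r = struct.unpack("!BBHBBH", data[toff:toff + 8])
            out.append(_parse_attrs(tnum, data[toff + 8:toff + tlen]))
            toff += tlen
        off += plen
    return out

def decode_phase1(packet):
    """Return (exchange name, list of transform dicts) for an IKEv1 packet."""
    next_payload, version, exchange, _flags, _msgid, length = struct.unpack("!BBBBII", packet[16:28])
    if version >> 4 != 1:
        raise ValueError("not IKEv1 (major version %d)" % (version >> 4))
    if length != len(packet):
        raise ValueError("header length %d != %d bytes received" % (length, len(packet)))
    transforms, off = [], 28
    while next_payload:                          # generic payload chain
        nxt, _r, plen = struct.unpack("!BBH", packet[off:off + 4])
        if plen < 4 or off + plen > len(packet):
            raise ValueError("bad payload length at offset %d" % off)
        if next_payload == PAYLOAD_SA:           # skip DOI/situation, walk the proposals
            transforms.extend(_walk_proposals(packet[off + 12:off + plen]))
        next_payload, off = nxt, off + plen
    return EXCHANGE.get(exchange, "exchange type %d" % exchange), transforms

def weak_offers(packet):
    """Warnings for offers a defender would want retired (DES and small MODP groups
    are added checks beyond the Aggressive Mode/PSK case the text describes)."""
    exchange, transforms = decode_phase1(packet)
    warnings = []
    for t in transforms:
        n = t["number"]
        if exchange == "Aggressive Mode" and t.get("auth") == "Pre-Shared Key":
            warnings.append("transform %d: Aggressive Mode with PSK exposes the authentication hash" % n)
        if t.get("enc") == "DES":
            warnings.append("transform %d: single DES" % n)
        if t.get("group") in ("MODP 768", "MODP 1024"):
            warnings.append("transform %d: %s is too small" % (n, t["group"]))
    return warnings
```

`build_probe([(5, 2, 1, 2)])` is the default transform ike-scan sends; decoding it with `decode_phase1()` shows the same triple DES / SHA1 / PSK / modp1024 values the Results section reads from the tool's output.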

PPTP Overview

PPTP is another type of implementation for a VPN server. PPTP uses TCP instead of UDP as the channel to send packets across the internet. The IP datagrams of the packets utilize the generic routing encapsulation (GRE) protocol to enclose the message being sent. Within the GRE the packet itself is encrypted using point-to-point protocol (PPP), which handles both packet authentication and encryption of the packet header. A few companies helped develop the PPTP protocol, including Microsoft, 3Com, Ascend Communications and others. The implementation that comes with newer Windows operating systems supports the following authentication methods: password authentication protocol (PAP), challenge handshake authentication protocol (CHAP) and Microsoft challenge handshake authentication protocol (MS-CHAP). This paper focuses on the MS-CHAPv2 protocol, which is the more recent authentication protocol that Microsoft uses for PPTP (Microsoft, 2011).

PPTP Exploitation

The default VPN software that comes installed on Windows machines uses the PPTP protocol. This can be exploited by a program called ASLEAP [2] (Wright, 2007), which uses an authentication dictionary attack to recover the password of a user account. This is done by performing a man-in-the-middle attack between the VPN client and the server. This was a big security issue when it was first discovered in 2004, since many Windows machines were utilizing the PPTP protocol to set up their VPNs (Ou, 2004).

In this exploit, the system environment used for testing was a Windows XP SP2 computer running as the PPTP VPN server and a Windows 7 computer as the client. No additional software was needed to set up either the server or the client, as one can easily create a PPTP VPN server as well as a VPN client to connect to it. When setting up the VPN server, MS-CHAPv2 was enabled as the authentication protocol. On the server end, a username and password were created for the client to establish a connection to the server.

Now that the server and client are set up, the focus turns to the man-in-the-middle attack. Before the VPN client connects to the server, the attacker needs to set up the man-in-the-middle position. This is done using a tool called arpspoof, which comes with the BackTrack Linux distribution, to ARP cache poison the connection between server and client. ARP cache poisoning fools the client into thinking that the hacker is the server, and similarly makes the server think that the hacker is the client, causing both to relay messages through the attacker. This would allow the attacker to modify the packets sent between the computers, but in this case it is used to sniff the connection between the two machines. Two instances of the arpspoof tool need to be run, one for each direction of traffic: one with the client IP address set as the target and the server IP address as the host, and the other with the server IP address as the target and the client IP address as the host.

To analyze the packets sent between the machines the hacker needs a packet sniffer such as wireshark [3] (Combs, 1998). Wireshark is a free open source application with many uses for analyzing network protocols and the traffic flowing from one machine to another. For the rest of this section assume the wireshark program is being used to sniff the packets. Wireshark needs to be running before the client establishes a connection to the server in order to capture the handshake between server and client. Now the attacker waits for the client to connect to the VPN server.

[2] ASLEAP download link: http://www.willhackforsushi.com/Asleap.html
[3] Wireshark download link: http://www.wireshark.org/

Initially the attacker will just see a large number of ARP packets being sent and received between server and client in wireshark. When the client connects to the VPN server, the attacker can filter the packets to focus on PPTP protocol packets. More specifically, the attacker can use the filter CHAP to look at the handshake packets. In wireshark, the first PPTP CHAP packets appear when the client makes the connection to the server, which is when the handshake between server and client is accepted. Among the PPTP CHAP packets, the attacker will find the packet labeled challenge. In that packet there is a section labeled PPP challenge handshake authentication protocol that contains a data field with a hexadecimal value. The attacker copies that hex value, which is the challenge key, and stores it for later use in the ASLEAP program. Following the challenge packet is the response packet, and the attacker repeats the same steps to find the data value in the response packet and copy it for later use.

Having both the challenge and response hex values, these can be passed into a program called chap2asleap [4] (G0tmi1k, 2010), a python script that will properly truncate, format and generate the correct arguments to pass to the ASLEAP program. The CHAP challenge from wireshark is the same as the authentication challenge in chap2asleap. The CHAP response is broken down into the peer challenge, which is the first half of the CHAP response before the run of zeros, and the peer response, which is the second half of the CHAP response after the zeros. Once the authentication challenge and peer challenge values are known, these are combined with the username to generate the actual challenge hash to use in ASLEAP.

Now that the attacker has both the challenge and response hash values, they can be run through the ASLEAP program. First the attacker needs a dictionary file. There are many ways to set up dictionary files, and there are even ways to custom build a dictionary file directed at a specific user if the attacker knows something about the user. For example, the common user passwords profiler (CUPP2) [5] (Kurgas, 2009) guides the attacker through questions asking for information such as name, spouse, children, birthdates, favorite pets, etc., and then generates a dictionary file with possible password combinations related to the information entered.

Once a dictionary file is ready, the attacker can pass in the two hex values from the challenge and response. The tool performs a dictionary attack on the last two bytes of the NTLM hash key and from there attempts to recover the password. Obviously the more complex the password, the harder it is for a dictionary attack to prove successful; in such cases the attack will sometimes not work and this exploitation will fail (Kitchen, 2009).

[4] Chap2asleap download link: http://g0tmi1k.blogspot.com/2010/03/script-chap2asleappy.html
[5] CUPP2 download link: http://www.social-engineer.org/framework/Computer_Based_Social_Engineering_Tools:_Common_User_Passwords_Profiler_(CUPP)

Figure 5: PPTP exploitation procedure flowchart.

Results

For the IPSec penetration test experiment, a Linux computer was set up with the latest Ubuntu distribution installed. Openswan [6] (Richardson, Wouters, Antony, Bantoft, & Trojanowski, 2003) is open source software that provides an IPSec VPN implementation for Linux. Once openswan was downloaded and installed, the connection and security settings were configured to accept a pre-shared secret key, which was specified in the configuration file (Zhan, 2010). When it has been verified, by entering “sudo ipsec verify” at the command prompt, that the IPSec server has been set up and initialized properly, one can proceed with IPSec penetration testing using the ike-scan tool.

The Linux server was set up in the same local area network as the client computer, which uses ike-scan to see if a handshake from the VPN server can be obtained and identified. In this experiment the IP address of the server is known, so it can be passed directly to ike-scan on the command line.

Figure 6: Server accepted standard handshake by ike-scan.

As seen in the figure above, the server machine is 192.168.1.119 and the source port used is 700. In the experiment, the standard source port of UDP 500 on the client computer was already in use by another process, which is why UDP port 700 was used instead. If no transform is specified as an option to ike-scan then the standard transform is sent to the server, which uses triple DES encryption, the SHA1 hash algorithm, pre-shared key authentication and Diffie-Hellman group modp1024, as shown in the above figure. The equivalent transform value passed to the ike-scan tool would be “--trans=5,2,1,2”. Some IPSec implementations will accept more than one type of encryption value or hash value. In the following figure, a different transform is specified for the same server to see if it will accept an IKE handshake.

[6] Openswan download link: http://www.openswan.org/

Figure 7: Server accepted different transform handshake by ike-scan.

In the example above, the server accepted a different type of IKE packet, which used AES encryption, the MD5 hash algorithm and the modp1536 Diffie-Hellman group. Notice the authentication method is still the same as in the previous example, since this server is configured to only accept pre-shared key authentication. To prove this, the following figure uses the same transform as above but changes the authentication method from pre-shared key to RSA signature.

Figure 8: Server denies specified transform by ike-scan.

The server denied the transform using RSA signature authentication and simply sent back a notify message to the client, indicating there is a VPN present but that this is not an acceptable handshake for the server.

After an acceptable IKE handshake has been returned, as shown in the two handshake figures above, ike-scan shows vendor ID codes which can be used to determine the type of VPN implementation being used on the server. The second vendor ID was identified automatically by ike-scan, which tells the user in parentheses what the vendor ID is; in this case it returned dead peer detection v1.0, which is a method used to detect dead IKE peers. The first vendor ID is what is unknown at this point. The user can perform the backoff strategy to make a guess as to what VPN implementation is being used on the server.

Figure 9: ike-scan backoff strategy makes implementation guess.

In the figure above, notice that ike-scan makes a good guess as to what implementation is being used. Openswan is the VPN implementation, and it is one of the guesses ike-scan made, which means ike-scan was successful in determining the VPN software.

For the PPTP man-in-the-middle attack, the client machine ran Windows 7 Pro. The client computer used the standard VPN client software that comes with Windows 7, which can be set up through a guided wizard in network connections under control panel. The server machine in this experiment ran Windows XP Pro SP2. The server also used the standard VPN software, set up through the same wizard but configured as a server to accept client connections. On the server end a user named merlin was created with the password rocky123. A third computer running the BackTrack Linux operating system was set up for the man-in-the-middle attack. This operating system comes with some of the security tools used for the attack: wireshark and arpspoof come with the BackTrack distribution, while ASLEAP, CUPP2 and chap2asleap had to be downloaded separately onto the attacking machine. In this experiment, all computers are on the same local area network with different IP addresses.

The first step is to arpspoof the connection between the server and client and vice versa so that both directions of packet traffic pass through the computer performing the man-in-the-middle attack. The arpspoof syntax is as follows: the interface is specified with “-i”, which tells arpspoof what adapter to use to perform the ARP poisoning (in this case eth0 is used); “-t” specifies the target or destination address; and the last IP address in the example is the host or source IP address. Two shells in BackTrack are used, one for each direction of packet traffic.

Figure 10: Arpspoofing packet traffic from the server to the client.

Figure 11: Arpspoofing packet traffic from the client to the server.

After the arpspoofing is set up, wireshark is loaded to analyze the packets being sent and received through the attack machine. At this point the attacker is ready to have the client connect to the server. Once the client connects, the handshake challenge from the server and the response from the client will appear among the other packets in wireshark. Entering the keyword chap in the filter will allow only the challenge and response to be displayed.

Figure 12: Challenge packet shown in wireshark.

In the figure above, notice under the info column that one of the challenge packets is selected. Under PPP challenge handshake authentication protocol there is a data value, selected in the figure, and that value is recorded and saved for later use.

Similarly, for the response packet in the following figure, the data value of the response is recorded for later use. The response data value is longer: the first part of the value is the peer challenge, which is sixteen bytes, followed by some zeros. The second part of the value is the peer response, which is 24 bytes. Also notice in the response packet that the name value, merlin, is sent in clear text; this is the username of the client being used in this experiment.

Figure 13: Response packet shown in wireshark.

After these values are recorded they can be passed into the chap2asleap script, which generates the correct challenge key to use in the ASLEAP program. On the command line, the arguments passed to chap2asleap are the username, which was found in the response packet in wireshark, the challenge value and the response value. This outputs the correct challenge key to use in ASLEAP, as shown in the figure below.

Figure 14: Chap2asleap generates the challenge key to be used for ASLEAP.
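The CHAP frame layout read out of wireshark in the PPTP Exploitation section, and the peer challenge / zeros / 24-byte response split and challenge-key derivation described above, as an added example (not code from the thesis, chap2asleap or ASLEAP): it parses a Challenge/Response pair per RFC 1994 and RFC 2759 and computes ChallengeHash() exactly as the authenticator does, which makes the defender's point that everything except the password's NT hash is visible on the wire. The frames are constructed inline; the username merlin is the one the experiment used.

```python
"""Decode an MS-CHAPv2 Challenge/Response pair and derive its ChallengeHash.

Added example, not code from the thesis, chap2asleap or ASLEAP. It parses the PPP
CHAP frames the text reads out of wireshark (RFC 1994 framing, RFC 2759 MS-CHAPv2
Response layout) and computes ChallengeHash() as the authenticator does in RFC
2759 section 8.2. Everything returned here is visible to a passive observer; only
the password's NT hash is not, which is why password strength is the last defence.
The sample frames below are constructed, with the thesis's username merlin.
"""
import hashlib
import struct

CHAP_CHALLENGE, CHAP_RESPONSE = 1, 2


def parse_chap(frame):
    """Split a CHAP packet (bytes after the PPP protocol field 0xC223) into fields."""
    code, ident, length = struct.unpack("!BBH", frame[:4])
    if length != len(frame) or length < 5:
        raise ValueError("CHAP length %d does not match %d bytes" % (length, len(frame)))
    value_size = frame[4]
    if 5 + value_size > length:
        raise ValueError("Value-Size %d overruns the packet" % value_size)
    return {"code": code, "id": ident, "value": frame[5:5 + value_size],
            "name": frame[5 + value_size:length]}


def split_mschapv2_response(value):
    """Split the 49-byte MS-CHAPv2 Response value (RFC 2759, section 4):
    16-byte Peer-Challenge, 8 reserved zero bytes, 24-byte NT-Response, 1 flags byte."""
    if len(value) != 49:
        raise ValueError("MS-CHAPv2 response value must be 49 bytes, got %d" % len(value))
    peer_challenge, reserved, nt_response, flags = value[:16], value[16:24], value[24:48], value[48]
    if reserved != b"\x00" * 8 or flags != 0:
        raise ValueError("reserved bytes and flags must be zero in MS-CHAPv2")
    return peer_challenge, nt_response


def challenge_hash(peer_challenge, authenticator_challenge, username):
    """ChallengeHash() from RFC 2759 section 8.2: SHA-1 over Peer-Challenge,
    Authenticator-Challenge and the user name (no domain), truncated to 8 bytes."""
    return hashlib.sha1(peer_challenge + authenticator_challenge + username).digest()[:8]


def analyze_exchange(challenge_frame, response_frame):
    """Return what a passive observer of the PPP session learns from one exchange."""
    chal, resp = parse_chap(challenge_frame), parse_chap(response_frame)
    if (chal["code"], resp["code"]) != (CHAP_CHALLENGE, CHAP_RESPONSE):
        raise ValueError("expected a Challenge followed by a Response")
    if chal["id"] != resp["id"]:
        raise ValueError("Response identifier does not match the Challenge")
    if len(chal["value"]) != 16:
        raise ValueError("MS-CHAPv2 Authenticator-Challenge must be 16 bytes")
    peer_challenge, nt_response = split_mschapv2_response(resp["value"])
    return {
        "username": resp["name"].decode("ascii", "replace"),   # sent in the clear
        "authenticator_challenge": chal["value"].hex(),
        "peer_challenge": peer_challenge.hex(),
        "nt_response": nt_response.hex(),
        "challenge_hash": challenge_hash(peer_challenge, chal["value"], resp["name"]).hex(),
    }


def build_chap(code, ident, value, name):
    """Construct a CHAP frame; used only to build the sample exchange below."""
    body = bytes([len(value)]) + value + name
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body


# Constructed sample: patterned challenges and a dummy NT-Response, not a real capture.
SAMPLE_CHALLENGE = build_chap(CHAP_CHALLENGE, 1, bytes(range(0x10, 0x20)), b"server")
SAMPLE_RESPONSE = build_chap(CHAP_RESPONSE, 1,
                             bytes(range(0x20, 0x30)) + b"\x00" * 8 + bytes(range(0x40, 0x58)) + b"\x00",
                             b"merlin")

if __name__ == "__main__":
    for field, value in analyze_exchange(SAMPLE_CHALLENGE, SAMPLE_RESPONSE).items():
        print("%-24s %s" % (field, value))
```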

Along with the generated challenge key, chap2asleap prints the syntax to use when passing the challenge and response values to the ASLEAP program. The challenge and response values in the asleap argument are now colon delimited, as this is the proper format for asleap.

The custom dictionary file specific to the client user was generated next using the CUPP2 program. The program was executed in interactive mode, which prompted the attacker with questions related to the user. Recall that the password for the user merlin is rocky123. In the experiment, Merlin has a dog named rocky, which was used as part of Merlin’s password. This helps reduce the number of dictionary attack attempts needed to determine the password.

Figure 15: CUPP2 dictionary file being generated using the words submitted from the attacker.

The dictionary file that was generated is called merlin.txt and contains many possible password combinations the user merlin could have used. The text file is then passed into a utility called genkeys, which generates hash keys for all passwords listed in the dictionary file. On the command line the attacker specifies an output hash dictionary file, in this case called dict.dat, and an index file is also created, called index.idx. Finally the colon delimited challenge hash, response hash, dictionary hash file and index file are passed into the ASLEAP program to perform a dictionary attack and attempt to determine the password. In the figure below, ASLEAP demonstrates that it was successful in cracking the password and shows the NT hash associated with the word rocky123.

Figure 16: ASLEAP successfully determines the password for the user merlin.

Discussion

Comparing the IPSec attack and the PPTP man-in-the-middle attack, the PPTP exploit is typically the easier form of attack to perform. The main issue with the PPTP exploit is the initial part, where the man-in-the-middle position is set up. If either the server or client is behind a good firewall and both machines are in locations remote from one another, then chances are that arpspoofing the connection in order to see the packet traffic will not be successful. Some internet service providers nowadays have security systems or firewalls in place that prevent arpspoofing the connection. If the client and server are both within the same network, or not protected by any firewalls, most likely the connection can be arpspoofed.

The IPSec penetration test is a more difficult and tedious task to perform, as it involves trying many different combinations of transforms in the ike-scan tool in order to get the appropriate acceptance response from the VPN server. Using the tables to get a sense of which algorithms and protocols are most commonly used is very helpful in reducing the number of different transforms that need to be tried. In some cases the attacker may only need to try a few different transforms, assuming the server is using common protocols. Another issue with the ike-scan tool is that sometimes, when the right acceptable handshake is sent, the server will not send a response back correctly or the tool will hang indefinitely. This could be a bug in the ike-scan tool itself, but it is not certain. The other issue with ike-scan is that, on rare occasions, it might not identify the correct vendor ID and version number of the server.

Conclusion

VPN is an effective means of transmitting data between two different computers. However, it is crucial to protect VPN servers, as they can be compromised if not set up properly. There are still plenty of people who continue to have these vulnerabilities in their VPN infrastructure. When attempting both of these exploits there will not always be success in cracking the password or getting into the VPN system. A number of different problems could arise, making it difficult to gain access to the VPN server. Luckily there are solutions that have been released to correct these issues.

Depending on the type of attack that was made, a server administrator would need to look into logs and activity to see if any data was stolen or accounts compromised. If the IPSec attack was used to exploit the VPN server then the administrator will want to upgrade the VPN software to the latest version, if it was not already; otherwise the administrator may need to reconfigure the way users connect to the VPN network or change to a different system entirely. If the PPTP man-in-the-middle attack was performed then the administrator might not need to discard the current VPN server setup. It would depend on what happened: if the user’s password was too simple and not complex enough, the administrator could increase the password complexity requirements and notify all users on the VPN server to change their passwords. The administrator should also determine why the attacker was able to arpspoof the connection in the first place, which might require additional firewalls and security measures to be put in place to prevent it from happening again.

There are a few good tips to note regarding VPN security. Always keep the VPN server software up to date, as hackers will try to exploit out-of-date VPNs that contain a possible security risk. Use a firewall to control what can and cannot pass through the network. Try to use the latest encryption and authentication protocols; out-of-date ones make the VPN more susceptible to attack (Bodi, 2010).

Bibliography

Belani, R., & Mookhey, K. K. (2005, February 9). Penetration Testing IPsec VPNs. Retrieved from Symantec: http://www.symantec.com/connect/articles/penetration-testing-ipsec-vpns

Bodi, S. (2010, September). VPN Security. Retrieved from Techtips By Satish: http://techtipsbysatish.blogspot.com/2010/09/vpn-security.html

Combs, G. (1998). Wireshark - Go Deep. Retrieved from Wireshark: http://www.wireshark.org/

G0tmi1k. (2010, March 17). [Script][Video] chap2asleap.py (v0.1.1) Cracking VPN (asleap & THC-pptp-bruter). Retrieved from G0tmi1k: http://g0tmi1k.blogspot.com/2010/03/script-chap2asleappy.html

Hills, R. (2009, August 15). Ike-scan User Guide. Retrieved from NTA Monitor: http://www.nta-monitor.com/wiki/index.php/Ike-scan_User_Guide

Kitchen, D. (2009, November 3). Hacking PPTP VPNs with ASLEAP. Retrieved from Hak5: http://revision3.com/hak5/asleap/

Kurgas, M. (2009). Computer Based Social Engineering Tools: Common User Passwords Profiler (CUPP). Retrieved from The Official Social Engineering Framework, Social Engineering - Security Through Education: http://www.social-engineer.org/framework/Computer_Based_Social_Engineering_Tools:_Common_User_Passwords_Profiler_(CUPP)

Microsoft. (2011). Understanding PPTP (Windows NT 4.0). Retrieved from Microsoft TechNet: http://technet.microsoft.com/en-us/library/cc768084.aspx

Mitchell, B. (n.d.). VPN Tutorial. Retrieved from http://compnetworking.about.com/od/vpn/a/vpn_tutorial.htm

Ou, G. (2004, December 17). PPTP VPN authentication protocol proven very susceptible to attack. Retrieved from ZDNet: http://www.zdnet.com/blog/ou/pptp-vpn-authentication-protocol-proven-very-susceptible-to-attack/21

Pandya, H. M. (2011). FreeBSD Handbook Chapter 14 Security. Retrieved from FreeBSD: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html

Richardson, M., Wouters, P., Antony, A., Bantoft, K., & Trojanowski, B. (2003). Openswan. Retrieved from Openswan: http://www.openswan.org/

Wright, J. (2007, May 10). asleap - exploiting cisco leap. Retrieved from Hacking, Pen-Testing, Securing and Defending Wireless Networks: http://www.willhackforsushi.com/Asleap.html

Zhan, R. (2010, April 30). Configure L2TP/IPSec VPN on Ubuntu. Retrieved from Riobard: http://riobard.com/blog/2010-04-30-l2tp-over-ipsec-ubuntu/