Decrypt pre_shared key from Netscreen



  • Hi

    Dont know where to post my question, hope this is appropriate.

    There is a firewall in our office to which I connect with Netscreen Remote. I am now configuring my access from a Linux laptop with Racoon. I have another netscreen on which I tested the connection, and worked great with knowing the pre-shared key, so the technology works for sure.

    Now on the netscreen I am trying to connect, noone knows the pre-shared key, I only have its config file, which has the key in an encrypted format. Is there any way to decrypt it with some tool?

    Here I post a “bogus” one I created with my other netscreen to show an example of what the key looks like in the config file.

    Any help is greatly appreciated, as I am tired of using Windows.

    Thanks,

    Ben

    set ike gateway "test.userp1" dialup "test.user" Aggr outgoing-interface "untrust" preshare "F2AEMy4tNlSCAdsMA5CM05WsSsnuJn39dA==" proposal "pre-g2-des-md5"
    

    p.s. the key I am looking for I also have in a HEX format in the windows SPD policy file if that is any help.



  • Hi

    I am authorized to get the key, if we knew the key. Redistributing would be one way, but thats a hassle. I have the config file, and when we make a change, we just reupload the changed config file to the unit, and it keeps the password, worked in the past, so why change it.

    The above mentined solution works, thanks a lot. I have the key.

    I really appreciate the input,

    Ben

    P.S. By all means, if this topic is not legit, can be removed. However it may also help admins see how vulnerable the dump process is with the old client in use.


  • Engineer

    From your message it seems you are neither administrator of the firewall nor the authorized user to access the remote network thats why you are looking to decrypt the key.

    If you are authorize then oufcourse your admin guy can give u the preshared key.

    Ot if you guys have forgotten the key even then you can simply change the key and redistribute the spd file tro every one

    Since u are not authorize to know the key, u trying to get help in this forum.



  • Hi

    NTA Monitor have found, that the PSK stored unencryted in the process memory.
    NSR 8.5 has this issue, NSR 8.6 is fix.

    see here:
    http://www.nta-monitor.com/posts/2005/02/safenet.html

    cu Marco



  • Wow, that is really bad, as I cannot change the Pre-shared key. There are many users using it in remote locations from the Windows Client, and they all have the SPD policy imported, so changing the key will break their connection.

    Is there no other possible way to get it done? I never heard anything that cannot be cracked somehow….

    I can provide the key in two versions, the Encrypted from the config file, and the HEX from the Windows registry.

    Any help is really greatly appreciated,

    Ben



  • There is no way to decrypt the password hash.  Even JTAC cannot do this (I asked this before).  You will need to reenter the preshared key on both ends.


 

23
Online

38.4k
Users

12.7k
Topics

44.5k
Posts