Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

Decrypting Password in Conf files

Does anybody know how to decrypt a password in a Fortigate conf file? Long story short: WAN2 port running PPPoE and it' s been up for years. Nobody has the password. Conf file encrypts the password. Thanks Tim
10 REPLIES 10
rwpatterson
Valued Contributor III

The password is hashed, and I don' t believe there is any way to reverse engineer it.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
MasterBratac

I´dont think, that it´s hashed, because you need a plain text password, to transmit it to your pppoe provider .... It should be possible to recover the password by sniffing the wan port during dialup.
rwpatterson
Valued Contributor III

That may be correct. I was thinking about the IPSec tunnel passwords....

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
Not applicable

Thanks man. Thats what I thought but I wanted to put it out there. Tg
FortiRack_Eric
New Contributor III

It is hashed (of course) the fact that you have to enter a plain text password has nothing to do with it. But going back to the question. If you have access to the box you can make a backup unencrypted, password is optional. If you can' t backup then launch the CLI and do a show and capture the output. In case you don' t have all the config due to lower admin rights, modify the system admin section and add a new superuser. like conf sys administrator edit newadmin set profile superadmin set password 12345 next end Cheers, Eric

Rackmount your Fortinet --> http://www.rackmount.it/fortirack

 

Rackmount your Fortinet --> http://www.rackmount.it/fortirack
nsumner
New Contributor

Eric, You seem to be missing 2 things. They need the PPPoE password not a password on a conf file. Secondly it can not be simply a hash. Since by definition a hash is one way the backup of the conf file when encrypted isn' t a simple hash, and the PPPoE password isn' t a simple hash. In fact it must be 100% reversible. However that doesn' t mean we know how to reverse it. It may be simple or it may be very difficult (though for the PPPoE password they don' t want to waste to much CPU on reversing the encryption...
FortiRack_Eric
New Contributor III

LOL... It was late last night... obviously. I tested it and the PPPoE password is encrypted. Fortinet isn' t going to tell you what the algorithm is. So why don' t ask the password from your providor. Cheers, Eric

Rackmount your Fortinet --> http://www.rackmount.it/fortirack

 

Rackmount your Fortinet --> http://www.rackmount.it/fortirack
red_adair
New Contributor III

#diag debug enable #diag debug app ppp 3 .1 drop the PPPoE Link .2 re-connect -> The PPPd debug should tell you the PW for PPPoE auth in cleartext Doesn' t answer your question - but solves your problem :) -R.
wcente
New Contributor

And, in addition to that, generally you can connect any pppoe device, the modem and a laptop with a sniffer to a hub (it must be a hub, not a switch), than you can capture the packets and find out the password cleartext by analyzing the collected packets. hard but possible
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors