Hi all,
I configured a remote VPN using IPsec and I forgot the pre-shared key I configured before, so I couldn't connect from FortiClient. I ran show config and got the pre-shared key, but it was encrypted. There are some applications that can decrypt that string, but I don't know which default encryption method FortiGate uses to make the pre-shared key (MD5, 3DES...?). Can anyone tell me? Thanks a lot!
ENC passwords can be decrypted. I just found out a way to do so. In fact, I found two methods for FortiOS 5.6.7. Your mileage may vary for other versions though.
Method 1:
1) Log in to the web interface as a (super?) admin.
2) Change your url/path to /api/v2/cmdb/vpn.ipsec/phase1-interface (edited after post about ticking bomb)
3) Firefox understands the JSON reply. I hope your browser does too. Search for psksecret on the page.
4) Notice that the psksecret is "ENC XXXX"
5) With the proper option, one can ask the FortiGate to give you the decrypted password. My original post contained the actual option, but perhaps that is not wise/secure at this moment. I changed this post after reading about "ticking bomb".
Method 2:
I also changed this part. It gave a full solution for decrypting passwords. It had something to do with WiFi PSKs. It is a fairly straightforward solution that anyone could or should have found who understands that "ENC XXXX" must mean that reversible encryption is used. As a matter of fact, the cookbook https://cookbook.fortinet.com/encryption-hash-used-by-fortios-for-local-pwdpsk/ will tell you just the same. It will also tell you that AES encryption is used, but https://docs.fortinet.com/uploaded/files/3624/fortigate-hardening-your-fortigate-56.pdf disagrees with that when not running in FIPS mode and says it is only DES: "Pre-shared keys in IPSec phase-1 configurations are stored in plain text. In the configuration file these pre-shared keys are encoded. The encoding consists of encrypting the password with a fixed key using DES (AES in FIPS mode) and then Base64 encoding the result."
FWIW: I wrote an article describing the finding of the one key on https://medium.com/@bart.dopheide/decrypting-fortigate-passwords-cve-2019-6693-1239f6fd5a61. I found 1 way, yet tried many. (The story does not talk about all the failed paths.)
If you really want to know the one key, then that article contains all the pointers you will get from me (and they should suffice).
This topic will not die... No, there is no (known) way to decrypt 'ENC' entries in the config.
You will have to insert a new password on both sides.
I don't think that would work on the FortiClient encrypted password, but OP, please try and let us know. This might raise a lot of eyes on how secure our configs are, especially with GOV that wants or expects full encryption against config interception.
Ken Felix
PCNSE
NSE
StrongSwan
uh-oh! tested and it worked...this is a ticking bomb.
Hopefully someone from FTNT reads this...
Well, someone from FTNT authorized my post. Furthermore, we already know that the psksecret has to be stored with reversible encryption (not hashing). If you do not believe me, check the cookbook https://cookbook.fortinet.com/encryption-hash-used-by-fortios-for-local-pwdpsk/. The PSK for VPNs has to be known as plain text. Since any two FortiGates only share FortiOS, the master key(s) must be built into FortiOS. (Remember that a config from one FortiGate will work on another FortiGate perfectly. And the configuration file does not seem to start with an (encoded) master key.)
I just found two ways to work around the problem of having to find the one master key. The WiFi solution was found by just thinking outside the box. Anyone could (or should) have found that one. It amazes me that no one else has posted it publicly (or my Google-fu is embarrassing).
In what way would it be a ticking bomb? One does not post configuration files publicly. I wouldn't post even hashes of my passwords. Furthermore, configuration files can be encrypted. Either by FortiOS, or by yourself once you downloaded one.
But if you think it is a ticking bomb, I could of course change/edit my posts and hide crucial details. But can you elaborate a bit on why it is a ticking bomb? (Or should we start a separate topic?)
Sorry if you got me wrong, no need to re-edit your post at all. Bringing a fact out into the open is a one-way street, so to speak. It's an illusion (in my mind) that you could withhold information, especially after publishing it once. On the contrary, to improve the situation this kind of information should be made known as widely as possible.
What I meant with 'ticking bomb' is that up to the practical proof I didn't expect that a config file would reveal passwords in such an easy way. And thus handled them more or less as non-critical.
For practical and legally acceptable purposes, knowing these methods is good news. But it does pose a security risk as the awareness is not yet established. One day when everybody knows that one should treat a config file as delicately as a sheet with cleartext passwords, the risk will be minimal. So IMHO publishing it here in the forums is the best way to quickly disperse the information. Thank you for making us aware of this risk.
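A defender-side helper for the point above, added here as an example that is not from this thread or from Fortinet: it walks a FortiOS config dump, flags the settings this thread identifies as reversibly stored (IPsec psksecret, SSID passphrase, SNMP user passwords, certificate local password) as opposed to hashed ones, and blanks those blobs so the file can be shared. The block/setting table, the SNMP key names auth-pwd/priv-pwd and the block name wireless-controller vap are assumptions; the sample config and its ENC blobs are constructed.

```python
"""Audit or redact a FortiOS config dump for secrets this thread shows are
stored reversibly (IPsec PSKs, SSID passphrases, SNMP user passwords,
certificate key passwords). Added example, not Fortinet code."""
import re

# (config block, setting) pairs assumed to be reversibly encrypted.
REVERSIBLE = {("vpn ipsec phase1-interface", "psksecret"),
              ("vpn ipsec phase1", "psksecret"),
              ("wireless-controller vap", "passphrase"),
              ("system snmp user", "auth-pwd"), ("system snmp user", "priv-pwd"),
              ("certificate local", "password")}
SET_ENC = re.compile(r"^(\s*set\s+(\S+)\s+ENC\s+)(\S+)\s*$")

def walk(config_text):
    """Yield (line, block, entry, key) per line; key is None unless the
    line is 'set <key> ENC <blob>'. A stack tracks nested config blocks."""
    stack, entry = [], None
    for line in config_text.splitlines():
        s = line.strip()
        if s.startswith("config "):
            stack.append(s[7:])
        elif s.startswith("edit "):
            entry = s[5:].strip('"')
        elif s == "end" and stack:
            stack.pop()
        m = SET_ENC.match(line)
        yield line, (stack[-1] if stack else None), entry, (m.group(2) if m else None)

def audit(config_text):
    """Return [(block, entry, key, 'reversible'|'hashed/other'), ...]."""
    return [(b, e, k, "reversible" if (b, k) in REVERSIBLE else "hashed/other")
            for _, b, e, k in walk(config_text) if k]

def redact(config_text):
    """Blank reversible ENC blobs so the config is safe to post or share."""
    return "\n".join(SET_ENC.sub(r"\1<REDACTED>", line) if k and (b, k) in REVERSIBLE
                     else line for line, b, _, k in walk(config_text)) + "\n"

# Constructed sample; the ENC blobs are placeholders, not real FortiOS output.
SAMPLE = """\
config vpn ipsec phase1-interface
    edit "to-branch"
        set psksecret ENC AAAAAAAAAAAAAAAA
    next
end
config system admin
    edit "admin"
        set password ENC BBBBBBBBBBBBBBBB
    next
end
"""
```

Run audit(SAMPLE) to list which ENC entries are recoverable in clear, and redact(SAMPLE) to get a copy with only those entries blanked; the hashed admin password is left untouched.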
I did get you wrong then. No problem. Let me reshow it then:
Method 1:
1) Log in to the web interface as a (super?) admin.
2) Change your url/path to https://your-fortigate-ip...?plain-text-password=1
3) Firefox understands the JSON reply. I hope your browser does too. Search for the term "psksecret" on the page. Passwords/secrets should be listed as plain text passwords now.
4) FWIW: When testing without "?plain-text-password=1", you will get 'psksecret: "ENC XXXX"'
Method 2:
You can always view the Pre-Shared Key of a WiFi SSID via the GUI. But since FortiGate/FortiOS uses the same algorithm for storing these passwords as for (say) phase1 PSKs, you can simply:
The (AES) key must be hardcoded somewhere in FortiOS (since a FortiVM can decode passwords as well). Has anyone ever attempted to recover the one key? There is little to gain because we already found a fairly easy and non-time-consuming method, but a one-liner with openssl would be cooler :-).
Dear all,
Just to have it checked: I have tested this with some other "encrypted" passwords (e.g. admin, localuser, OSPF, snmpuser, certificate) on the FortiGate. This seems to be possible only with pre-shared keys and SSID passphrases.
As described under the following link, posted by gammuts, the other passwords are hashed and encoded.
https://cookbook.fortinet.com/encryption-hash-used-by-fortios-for-local-pwdpsk/
Best regards
Jo
Mr.J wrote: Just to have it checked: I have tested this with some other "encrypted" passwords (e.g. admin, localuser, OSPF, snmpuser, certificate) on the FortiGate. This seems to be possible only with pre-shared keys and SSID passphrases.
Can you elaborate a bit on this? We agree on admin, localuser: those are encrypted hashes and therefore not very valuable imho. But I am able to decrypt snmpuser as configured in "config system snmp user" and I am able to decrypt private keys as configured in "config certificate local".
Let us for instance decrypt this configuration part:
config certificate local
edit "Fortinet_CA_Untrusted"
set password ENC 1Fuy5e9Sn/7ZwlDObvvfCBOHCTxArb8vN9eyECepCD7c0K/x9CFqcyEQViix+3e85UWkB78sz6riIQjnRNkg5PI5XJJDfod0RUe95qE9O0I4MkSVPZ+0I3rse6Jf1LpUdjOMiacmzwKrMeuiPQkLZwg6Oo3AMMv9tWGohWK8jZTEcuuc5HT63L6BVYlU2LFRsYBf/w==
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIph4PVL2RhxgCAggA
(...)
set certificate "-----BEGIN CERTIFICATE-----
MIID8DCCAtigAwIBAgIIL/bv+KE0v8swDQYJKoZIhvcNAQELBQAwga4xCzAJBgNV
(...)
set scep-url ''
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
next
end
I can get the password if I enter this:
config wireless vap
edit wirelessdummy
set passphrase ENC 1Fuy5e9Sn/7ZwlDObvvfCBOHCTxArb8vN9eyECepCD7c0K/x9CFqcyEQViix+3e85UWkB78sz6riIQjnRNkg5PI5XJJDfod0RUe95qE9O0I4MkSVPZ+0I3rse6Jf1LpUdjOMiacmzwKrMeuiPQkLZwg6Oo3AMMv9tWGohWK8jZTEcuuc5HT63L6BVYlU2LFRsYBf/w==
set ssid dummy
set vdom root
next
end
FWIW: The password I get via the GUI is '62b47da31ba2a980e751e96164bc5a97ae53e3dda0e76324a66ab47e342c18'.
FWIW2: To confirm that this private key password is right, I copied the encrypted private key to a file, and decrypted it with openssl, for example:
openssl rsa -in Fortinet_CA_Untrusted.key.pem -noout -text -passin pass:62b47da31ba2a980e751e96164bc5a97ae53e3dda0e76324a66ab47e342c18