SSH Backdoor for FortiGate OS Version 4.x up to 5.0.7
http://seclists.org/fulldisclosure/2016/Jan/26
I have not had a chance to try this. I don't see any threads discussing it. So, I thought I'd share.
yeap I agreed 100%
PCNSE
NSE
StrongSwan
I agree...however, i would also question allowing SSH, or any admin access from an insecure or untrusted source. But then again, it's not the script kiddies who've found out about this that are the problem. It's the nation states with the resources to carry out sophisticated attacks against personnel who do have admin access to systems that is\was the concern, ideal for intelligence gathering.
My impression is that this access path was found by scrutinizing the firmware image, thus, by an 'insider'.
Anyway, the whole concept was so silly you couldn't believe it. The loss of trust is a deep cut.
At least...this 'concept' or its remainder appears now (5.2.6 VM) to be removed completely, whereas 5.2.5 (VM) presented at least a similar mimic (functional or not) when connecting via putty/ssh using the named account.
I don't quite understand your statement. A backdoor is only relevant if it is "functional", ie. permitting access to unauthorized people.
Besides, this kind of access does not use the standard ssh protocol, so access via putty wouldn't work in any case.
Fortinet states that v5.2 never has had this 'feature'.
So, what about your statement - are you saying you have been able to gain access using the BD credentials, in v5.2 and using putty?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1736 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.