SSH Backdoor for FortiGate OS Version 4.x up to 5.0.7

Page 2 of 2
emnoc
Expert Member
Re: SSH Backdoor for FortiGate OS Version 4.x up to 5.0.7 2016/01/25 19:33:02 (permalink)
Yep, I agree 100%.
 

PCNSE 
NSE 
StrongSwan  
#21
simonorch
Gold Member
Re: SSH Backdoor for FortiGate OS Version 4.x up to 5.0.7 2016/01/26 00:04:37 (permalink)
I agree... however, I would also question allowing SSH, or any admin access, from an insecure or untrusted source. But then again, it's not the script kiddies who've found out about this that are the problem. It's the nation states with the resources to carry out sophisticated attacks against personnel who do have admin access to systems that is/was the concern, ideal for intelligence gathering.
 
 
 
 

NSE8
Fortinet Expert partner - Norway
#22
ede_pfau
Expert Member
Re: SSH Backdoor for FortiGate OS Version 4.x up to 5.0.7 2016/01/26 02:23:18 (permalink)
My impression is that this access path was found by scrutinizing the firmware image, thus, by an 'insider'.
Anyway, the whole concept was so silly you couldn't believe it. The loss of trust is a deep cut.

Ede

" Kernel panic: Aiee, killing interrupt handler!"
#23
netmin
Gold Member
Re: SSH Backdoor for FortiGate OS Version 4.x up to 5.0.7 2016/02/13 05:25:50 (permalink)
At least...this 'concept' or its remainder appears now (5.2.6 VM) to be removed completely, whereas 5.2.5 (VM) presented at least a similar mimic (functional or not) when connecting via putty/ssh using the named account.
#24
ede_pfau
Expert Member
Re: SSH Backdoor for FortiGate OS Version 4.x up to 5.0.7 2016/02/13 05:34:49 (permalink)
I don't quite understand your statement. A backdoor is only relevant if it is "functional", i.e. permitting access to unauthorized people.
Besides, this kind of access does not use the standard ssh protocol, so access via putty wouldn't work in any case.
Fortinet states that v5.2 never has had this 'feature'.
 
So, what about your statement - are you saying you have been able to gain access using the BD credentials, in v5.2 and using putty?

Ede

" Kernel panic: Aiee, killing interrupt handler!"
#25
netmin
Gold Member
Re: SSH Backdoor for FortiGate OS Version 4.x up to 5.0.7 2016/02/13 05:47:05 (permalink)
Hi Ede,
 
certainly not, but without knowing in detail what had actually been changed... when connecting to 5.0.6 and when connecting to 5.2.5 using putty, it looks like the attached picture. This no longer works on 5.2.6 and is a strong indication that it has been removed.
 
post edited by netmin - 2016/02/13 05:48:16

Attached Image(s)

#26