Hey friends, today our pal Hackernovice joins us for a tool (actually two tools!) release party:
-
- EvilFortiAuthenticator – it’s like a regular FortiAuthenticator, but evil. This tool allows you to capture the FortiAuthenticator API and subsequently steal the entire device’s config, subsequently allowing you to restore the config to a second server and potentially steal cleartext Active Directory creds and SMTP accounts! We talk about
- BulletsPassView – a tool that originially allowed us to simply unmask the “hidden” API key in the FortiAuthenticator client (this did NOT work in the latest version of FAC).
- Once you get the API key, check out Fortinet’s documentation to do fun things like dump the whole config to a file on disk!
- After you steal the config and restore it to a fresh FortiAuthenticator, use maintenance mode to reset the admin password.
- Once you can adjust the restored config to your liking, try using MITMsmtp to capture email server creds in the clear!
- TCMLobbyBBQ – this tool has nothing to do with security, but helps PC players of the Texas Chain Saw Massacre get into lobbies more efficiently.
- EvilFortiAuthenticator – it’s like a regular FortiAuthenticator, but evil. This tool allows you to capture the FortiAuthenticator API and subsequently steal the entire device’s config, subsequently allowing you to restore the config to a second server and potentially steal cleartext Active Directory creds and SMTP accounts! We talk about
Share on socials: