Decrypt FortiGate configuration secrets
Original advisory Vendor advisory
For Fortigate VM/appliances below versions 6.2.0, 6.0.0 to 6.0.6, 5.6.10 configuration secrets are stored encrypted with a unique key.
For versions above the non-default private-data-encryption parameter lets the user use a custom key. This is rarely used, even today.
This script decrypts secrets from dumped configurations.