https://github.com/anasbousselham/fortiscan
A high performance FortiGate SSL-VPN vulnerability scanning and exploitation tool.
https://github.com/anasbousselham/fortiscan
fg-ir-18-384 fortigate fortinet golang ssl-vpn vulnerability
Last synced: 5 months ago
JSON representation
A high performance FortiGate SSL-VPN vulnerability scanning and exploitation tool.
- Host: GitHub
- URL: https://github.com/anasbousselham/fortiscan
- Owner: anasbousselham
- Created: 2020-11-25T01:41:47.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2023-06-30T18:25:34.000Z (almost 2 years ago)
- Last Synced: 2024-08-10T11:02:37.254Z (8 months ago)
- Topics: fg-ir-18-384, fortigate, fortinet, golang, ssl-vpn, vulnerability
- Language: Go
- Homepage: http://cve.bousselham.com
- Size: 13.2 MB
- Stars: 161
- Watchers: 8
- Forks: 34
- Open Issues: 4
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-security-vul-llm - anasbousselham/fortiscan - square) - Fortiscan是一款针对FortiGate SSL-VPN漏洞的利用工具,可用于检查设备是否存在该漏洞,并支持获取设备明文凭据。 (LLM分析过程)
README
# Fortiscan
(CVE-2018-13379) (FG-IR-18-384) Exploitation Tool,
You can use this tool to check the vulnerability in your FortiGate SSL-VPN.
### This vulnerability affects the following versions:
• FortiOS 6.0 - 6.0.0 to 6.0.4
• FortiOS 5.6 - 5.6.3 to 5.6.7
• FortiOS 5.4 - 5.4.6 to 5.4.12
https://www.fortinet.com/blog/business-and-technology/fortios-ssl-vulnerability
## Important Update 0.7
- Grab cleartext credentials with serial number of Fortinet device.
- Extremely Fast
## Usage v 0.6 File List
`./fortiscan ip.txt
`
## Usage v 0.5 (One Liner to Initiate the Scan : Host|IP:Port(443 or 10443 or 8443)
`./fortiscan 192.168.1.1:10443
`
## Requirements
Tested with Parrot & Debian Operating Systems and Windows 10
### Compiled version Linux & windows
https://github.com/anasbousselham/fortiscan/releases