starred/fortigate-crypto
1
0
Fork 0
mirror of https://github.com/noways-io/fortigate-crypto.git synced 2026-04-26 02:45:59 +03:00
Code Issues Projects Packages Wiki Activity
No description
5 commits 1 branch 0 tags 57 KiB
Find a file
Exact
guillaume75110 4b3a9eb09f
 Add blog entry link to README.md
2024-03-04 15:33:39 +01:00
chacha20.c add initial files 2024-02-23 05:46:53 -05:00
chacha20.h add initial files 2024-02-23 05:46:53 -05:00
decrypt_rootfs.c formatting, handle unsupported OS arch 2024-02-29 06:45:50 -05:00
decrypt_rsapubkey.c formatting, handle unsupported OS arch 2024-02-29 06:45:50 -05:00
encrypt_rootfs.c formatting, handle unsupported OS arch 2024-02-29 06:45:50 -05:00
getrootfskey.py formatting, handle unsupported OS arch 2024-02-29 06:45:50 -05:00
LICENSE Initial commit 2024-02-23 05:39:19 -05:00
Makefile add initial files 2024-02-23 05:46:53 -05:00
README.md Add blog entry link to README.md 2024-03-04 15:33:39 +01:00

README.md

FortiGate rootfs decryption tool (by optistream.io)

On recent FortiGate firmwares versions, rootfs.gz is checked against a signature then decrypted using ChaCha20.
This is implemented inside the kernel (flatkc) within function fgt_verify_decrypt.

  • getrootfskey.py: retrieve encryption key from kernel
  • decrypt_rootfs/encrypt_rootfs: decrypt/encrypt rootfs.gz using previously retrieved encryption key
  • decrypt_rsapubkey: auxiliary tool for decrypting RSA public key embedded in kernel for rootfs signature check (fgt_verifier_pub_key)

Tested on: FortiOS 7.4.2, 7.4.3 (x64 & aarch64)

0. Build

$ sudo apt install libssl-dev
$ make

1. Get rootfs encryption key from kernel

This script actually analyzes fgt_verifier_pub_key function to retrieve encryption seed (using miasm==0.1.5):

$ python3 -m venv .venv
$ . .venv/bin/activate
$ pip install miasm
$ python getrootfskey.py flatkc.elf.x64.v7.4.3
Architecture: x86_64
Seed address: 0xffffffff817932e0
Extracted seed: b'4CF7A950B99CF29B0343E7BA6C609E49D9766F16C6D2F075F72AD400542F0765'

2. Decrypt/encrypt rootfs

$ ./decrypt_rootfs rootfs.gz.x64.v7.4.3 rootfs.gz.x64.v7.4.3.decrypted 4CF7A950B99CF29B0343E7BA6C609E49D9766F16C6D2F075F72AD400542F0765
833E9BAFBF0C2F581E9A949B13C4352B9D52C72A27B925EA3B46F8236BFF58F1
8C575F183A1AD583BDDD9A822A8A5D4E312452509E322FA46283A9EAF7E30BF6
rootfs size: 71395069
Decrypting rootfs...
Writing to rootfs.gz.x64.v7.4.3.decrypted...

Links

https://www.optistream.io/blogs/tech/fortigate-firmware-analysis

https://github.com/Ginurx/chacha20-c

https://github.com/cea-sec/miasm

Author

https://optistream.io