Curious about decrypting Fortinet's FortiOS 7.0.x firmware? In the latest Grimoire post, we delve into the technical details of doing just that, revealing a hardcoded key used in the ChaCha20 encryption algorithm and the steps required to extract the decrypted rootfs.gz file. With this information, researchers can investigate the relevant vulnerabilities and help users address potential security risks.
Check it out over here.
This article is a summary of the full, in-depth version on the GreyNoise Labs blog.
Read the full report