You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Apr 2, 2025. It is now read-only.
Initial Access T1190 Exploit Public-Facing Application Attackers exploit the FortiGate WebSocket vulnerability to gain access to the system without authentication.
Local setup
make a fake server with the key aspects in the comment on the router of my lab
Attack it with an exterior machine and the PoC
Capture the Network traffic of the attack with Tcpdump
find a way to spot it though the pcap
Initial Access T1190 Exploit Public-Facing Application Attackers exploit the FortiGate WebSocket vulnerability to gain access to the system without authentication.
Local setup
make a fake server with the key aspects in the comment on the router of my lab
Attack it with an exterior machine and the PoC
Capture the Network traffic of the attack with Tcpdump
find a way to spot it though the pcap
External sources
https://github.com/watchtowrlabs/fortios-auth-bypass-poc-CVE-2024-55591/blob/main/CVE-2024-55591-PoC.py
https://github.com/sysirq/fortios-auth-bypass-poc-CVE-2024-55591
https://github.com/exfil0/CVE-2024-55591-POC/tree/main