Crypterella Stories: Fortigate


Playlists: 'hackerhotel2024' videos starting here / audio

We all love bedtime stories, and these stories are even better when they turn into reality. This cinderella story is about how a big vendor rolled its own algorithm to "encrypt" its firmware images to deter poor hackers like us from fiddling around and potentially uncover flaws. But what if your motive is not to uncover potential flaws, but simply to agnostically fingerprint devices left vulnerable on the internet?

Join us into a semi-deepdive of reverse engineering the Fortigate firmware "encryption" to satisfy our own curiosity, but also to make the web that little bit more secure by fingerprinting vulnerable devices in a non-obtrusive manner with the endgoal of notifying the related parties.

This talk will go into the process of reverse engineering the Fortigate firmware images with the purpose of developing a non-obtrusive version identification that can be used to fingerprint device firmware versions on the internet, this in turn can be used to notify the related party. Next to a technical deep dive the audience will be presented with a set of questions and thoughts on the topic of encrypting such firmware devices and if this really is the way to go for big vendors, or if these things are only making matters worse by limiting the scope to not just the "bad" people, but also the "good" people.